News:

Forum changes: Editing of posts has been turned off until further notice.

Main Menu

Hack attack - officially back up

Started by Clinton R. Nixon, March 10, 2005, 06:53:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Clinton R. Nixon

March 10, 2005, 06:53:53 PM
We're officially back up from our hack attack. The explanation:

When searching on the version of phpBB that was running, the highlight= field in the URL allowed you to run code on the webserver. If you put, for example:

http://www.indie-rpgs.com/index.php...arrativist+poop

you'd highlight the words 'narrativist' and 'poop'. If you put:

http://www.indie-rpgs.com/index.php?viewtopic=4567&highlight=system("cd ~/indie-rpgs.com && rm -rf *")

you'd delete the entire Forge site. (Note - that string had to be encoded using ASCII codes, but you get the idea.)

This hacker didn't do that. He used the exploit to download several Perl scripts that allowed him to get remote password-less access to the actual server. Using that, he read the database passwords, logged into the DB, deleted the posts and configuration for the Forge, and then deleted all my DB backups.

---

So, that's that. Thanks to the awesome guys at Dreamhost who helped me out with this. We only lost 8 hours of posts, on a Sunday, which is normally a slow posting day.
Clinton R. Nixon
CRN Games

Ron Edwards

#1
March 10, 2005, 06:56:55 PM
Hello,

Welcome back, everyone. I'd like to ask that you take the time to consider why you post here, and what you plan to contribute to others' mutual understanding, from now on.

Best,
Ron

Larry L.

#2
March 10, 2005, 07:10:20 PM
"Dreamhost" indeed. That sounds like an otherwise very dead Forge.

Thanks for all the hard work.
Print
Go Up Pages1
User actions