Author Topic: Hack attack - officially back up  (Read 2606 times)
Clinton R. Nixon
« on: March 10, 2005, 10:53:53 AM »

We're officially back up from our hack attack. The explanation:

When searching on the version of phpBB that was running, the highlight= field in the URL allowed you to run code on the webserver. If you put, for example:

http://www.indie-rpgs.com/index.php...arrativist+poop

you'd highlight the words 'narrativist' and 'poop'. If you put:

http://www.indie-rpgs.com/index.php?viewtopic=4567&highlight=system("cd ~/indie-rpgs.com && rm -rf *")

you'd delete the entire Forge site. (Note - that string had to be encoded using ASCII codes, but you get the idea.)

This hacker didn't do that. He used the exploit to download several Perl scripts that allowed him to get remote password-less access to the actual server. Using that, he read the database passwords, logged into the DB, deleted the posts and configuration for the Forge, and then deleted all my DB backups.

---

So, that's that. Thanks to the awesome guys at Dreamhost who helped me out with this. We only lost 8 hours of posts, on a Sunday, which is normally a slow posting day.

Clinton R. Nixon
CRN Games
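
An added example, not part of the original thread or of phpBB: one way to check web server access logs for `highlight=` values that are not plain search words, decoding repeatedly because the post notes the string had to be encoded. It assumes Apache combined-style log lines; the sample lines, IP addresses and the `PLACEHOLDER` command are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# A legitimate highlight value is just search words separated by spaces.
SAFE_HIGHLIGHT = re.compile(r"^[\w\s\-]*$")
# Request line inside an Apache combined-style log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input is seen in final form."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_highlights(log_lines):
    """Return (client_ip, decoded_value) for highlight= values that are not plain words."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = urlsplit(m.group(1)).query
        # parse_qs performs the first round of decoding; fully_decode does the rest.
        for raw in parse_qs(query, keep_blank_values=True).get("highlight", []):
            value = fully_decode(raw)
            if not SAFE_HIGHLIGHT.match(value):
                hits.append((line.split()[0], value))
    return hits

# Constructed sample log lines (documentation IP ranges, placeholder command).
SAMPLE_LOG = [
    '203.0.113.5 - - [06/Mar/2005:09:00:01 -0800] '
    '"GET /index.php?viewtopic=4567&highlight=narrativist+poop HTTP/1.1" 200 5120',
    '198.51.100.7 - - [06/Mar/2005:09:02:13 -0800] '
    '"GET /index.php?viewtopic=4567&highlight=system(%22PLACEHOLDER%22) HTTP/1.1" 200 312',
    '192.0.2.44 - - [06/Mar/2005:09:02:40 -0800] '
    '"GET /index.php?viewtopic=4567&highlight=system%2528%2522PLACEHOLDER%2522%2529 HTTP/1.1" 200 312',
]

if __name__ == "__main__":
    for ip, value in suspicious_highlights(SAMPLE_LOG):
        print(f"{ip}\t{value}")
```

The allow-list is deliberately strict, so quoted phrases or punctuation in genuine searches will also be reported and need manual review.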
Ron Edwards
« Reply #1 on: March 10, 2005, 10:56:55 AM »

Hello,

Welcome back, everyone. I'd like to ask that you take the time to consider why you post here, and what you plan to contribute to others' mutual understanding, from now on.

Best,
Ron
Larry L.
aka Miskatonic


« Reply #2 on: March 10, 2005, 11:10:20 AM »

"Dreamhost" indeed. That sounds like an otherwise very dead Forge.

Thanks for all the hard work.