The Forge Forums Read-only Archives
The live Forge Forums
|
Articles
|
Reviews
Welcome,
Guest
. Please
login
or
register
.
June 27, 2022, 01:16:22 AM
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Forum changes:
Editing of posts has been turned off until further notice.
Search:
Advanced search
275647
Posts in
27717
Topics by
4285
Members Latest Member:
-
Jason DAngelo
Most online today:
69
- most online ever:
565
(October 17, 2020, 02:08:06 PM)
The Forge Archives
General Forge Forums
Site Discussion
Hack attack - officially back up
Pages: [
1
]
« previous
next »
Author
Topic: Hack attack - officially back up (Read 2606 times)
Clinton R. Nixon
Member
Posts: 2624
Hack attack - officially back up
«
on:
March 10, 2005, 10:53:53 AM »
We're officially back up from our hack attack. The explanation:
When searching on the version of phpBB that was running, the highlight= field in the URL allowed you to run code on the webserver. If you put, for example:
http://www.indie-rpgs.com/index.php...arrativist+poop
you'd highlight the words 'narrativist' and 'poop'. If you put:
http://www.indie-rpgs.com/index.php?viewtopic=4567&highlight=system
("cd ~/indie-rpgs.com && rm -rf *")
you'd delete the entire Forge site. (Note - that string had to be encoded using ASCII codes, but you get the idea.)
This hacker didn't do that. He used the exploit to download several Perl scripts that allowed him to get remote password-less access to the actual server. Using that, he read the database passwords, logged into the DB, deleted the posts and configuration for the Forge, and then deleted all my DB backups.
---
So, that's that. Thanks to the awesome guys at Dreamhost who helped me out with this. We only lost 8 hours of posts, on a Sunday, which is normally a slow posting day.
Logged
Clinton R. Nixon
CRN Games
Ron Edwards
Global Moderator
Member
Posts: 16490
Hack attack - officially back up
«
Reply #1 on:
March 10, 2005, 10:56:55 AM »
Hello,
Welcome back, everyone. I'd like to ask that you take the time to consider why you post here, and what you plan to contribute to others' mutual understanding, from now on.
Best,
Ron
Logged
Larry L.
Member
Posts: 616
aka Miskatonic
Hack attack - officially back up
«
Reply #2 on:
March 10, 2005, 11:10:20 AM »
"Dreamhost" indeed. That sounds like an otherwise very dead Forge.
Thanks for all the hard work.
Logged
Larry
Indie Gamers Minnesota
Pages: [
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Welcome to the Archives
-----------------------------
=> Welcome to the Archives
-----------------------------
General Forge Forums
-----------------------------
=> First Thoughts
=> Playtesting
=> Endeavor
=> Actual Play
=> Publishing
=> Connections
=> Conventions
=> Site Discussion
-----------------------------
Archive
-----------------------------
=> RPG Theory
=> GNS Model Discussion
=> Indie Game Design
-----------------------------
Independent Game Forums
-----------------------------
=> Adept Press
=> Arkenstone Publishing
=> Beyond the Wire Productions
=> Black and Green Games
=> Bully Pulpit Games
=> Dark Omen Games
=> Dog Eared Designs
=> Eric J. Boyd Designs
=> Errant Knight Games
=> Galileo Games
=> glyphpress
=> Green Fairy Games
=> Half Meme Press
=> Incarnadine Press
=> lumpley games
=> Muse of Fire Games
=> ndp design
=> Night Sky Games
=> one.seven design
=> Robert Bohl Games
=> Stone Baby Games
=> These Are Our Games
=> Twisted Confessions
=> Universalis
=> Wild Hunt Studios
-----------------------------
Inactive Forums
-----------------------------
=> My Life With Master Playtest
=> Adamant Entertainment
=> Bob Goat Press
=> Burning Wheel
=> Cartoon Action Hour
=> Chimera Creative
=> CRN Games
=> Destroy All Games
=> Evilhat Productions
=> HeroQuest
=> Key 20 Publishing
=> Memento-Mori Theatricks
=> Mystic Ages Online
=> Orbit
=> Scattershot
=> Seraphim Guard
=> Wicked Press
=> Review Discussion
=> XIG Games
=> SimplePhrase Press
=> The Riddle of Steel
=> Random Order Creations
=> Forge Birthday Forum
