What's going on?

March 19, 2007

okay...here's the deal:

I've managed to get the site somewhat back to working. I'll have to get at the backup of certain tables to get the forum descriptions and ranks back to normal. I probably won't have time to get the premium interface back up and running until tomorrow. If anyone finds anything else wrong with the site, please let me know.

What a pain in the arse.

Knightlife_in_Lubbock · March 19, 2007

It doesn't make sense to me. Seems like they would want to hack a government site or some non sports media oriented site.
Does seem a bit odd. Has anyone here been riling anyone recently?

Border war between IU and UofI fans. You know the normal stuff. :wink:

RynoRules · March 19, 2007

okay...here's the deal:

I've managed to get the site somewhat back to working. I'll have to get at the backup of certain tables to get the forum descriptions and ranks back to normal. I probably won't have time to get the premium interface back up and running until tomorrow. If anyone finds anything else wrong with the site, please let me know.

What a pain in the arse.

Thanks, Tim. I know you have things to do that, oh, I don't know, you actually get paid for.

CubsInNC · March 19, 2007

okay...here's the deal:

I've managed to get the site somewhat back to working. I'll have to get at the backup of certain tables to get the forum descriptions and ranks back to normal. I probably won't have time to get the premium interface back up and running until tomorrow. If anyone finds anything else wrong with the site, please let me know.

What a pain in the arse.

Tim,

Did you submit the incident to the phpbb security tracking team? Sure it's an sql-injection hack, Definitely seems like it exploited the custom title, but not sure if that was the primary entry point.

JWCUB · March 19, 2007

Thanks Tim. Do you have any idea where this came from or why?

March 19, 2007

Thanks Tim. Do you have any idea where this came from or why?

not yet

Rob · March 19, 2007

okay...here's the deal:

I've managed to get the site somewhat back to working. I'll have to get at the backup of certain tables to get the forum descriptions and ranks back to normal. I probably won't have time to get the premium interface back up and running until tomorrow. If anyone finds anything else wrong with the site, please let me know.

What a pain in the arse.

Shall we begin forming some sort of vengeance task force?

FadeToBolivia · March 19, 2007

http://lexicorient.com/e.o/ill/alevi01_large.jpg

huseyin gazi, so it's definitely turkey...

i don't know why i'm doing this. i should watch a movie or...get a job...or something.

The thought of the building having internet access is amusing. Has anyone alerted Jack Bauer?

March 19, 2007

okay...here's the deal:

I've managed to get the site somewhat back to working. I'll have to get at the backup of certain tables to get the forum descriptions and ranks back to normal. I probably won't have time to get the premium interface back up and running until tomorrow. If anyone finds anything else wrong with the site, please let me know.

What a pain in the arse.

Tim,

Did you submit the incident to the phpbb security tracking team? Sure it's an sql-injection hack, Definitely seems like it exploited the custom title, but not sure if that was the primary entry point.

I did submit it and haven't yet had a response.

There were several possible points of entry, but it seems the heavily mod'd premium board that was still on version 2.0.8 was where they were getting in. So I'm going to have to work on that side of things before turning that UI back on.

Pushfrog98 · March 19, 2007

We had a phpbb forum hacked here on campus a few years ago, and after that, we just disabled the forums in general. It seems to me that (even with the security fixes) that phpBB is still unreliable against hack attempts.

Also, it wasn't as if someone isolated the nsbb.com forums... basically, someone sends out a "bot" or just does a search for forums using the phpbb software, and then they automatically hack the site. There doesn't even have to be a user at the computer, just a zombie (that's what makes it even more scary... zombies on the interwebs!!!!!).

vance_the_cubs_fan · March 19, 2007

I can't wait until premium is back up. I feel like I'm slumming. :lol:

CubsInNC · March 19, 2007

We had a phpbb forum hacked here on campus a few years ago, and after that, we just disabled the forums in general. It seems to me that (even with the security fixes) that phpBB is still unreliable against hack attempts.

Also, it wasn't as if someone isolated the nsbb.com forums... basically, someone sends out a "bot" or just does a search for forums using the phpbb software, and then they automatically hack the site. There doesn't even have to be a user at the computer, just a zombie (that's what makes it even more scary... zombies on the interwebs!!!!!).

Considering that recent estimates have put the number of "zombies" on the internet into the 10s of millions (I've seen estimates in the 60 million range), and the fact that zombie nets go for big bucks on the black market for spam and identity theft, to me it's not incredibly obvious that this is the work of a larger zombie network. Likely this particular hacker group/board has a few compromised machines, likely on high speed lines (US cable modems need not apply), and has them setup to scan large ip ranges injecting various sql-exploits and e-mailing successful hits to an anonymous e-mail address. Then the hacker logs into one (or a series) of their compromised machines and launches tools loaded on that computer that are "point-and-click" hacking. It's quite likely they wrote the specific tools themselves, but doubtfully are using any "new" exploits. Most likely, they then posted the successful hack onto their forum (which likely (and ironically) also runs phpBB). The nice thing they did was that they left if virtually untouched. Which indicates that they're more likely out for fame and glory in the hacking scene.

As for phpBB being insecure, it's really not much different than any other forum software. More likely, it's the most commonly used so the majority of script hackers utilize tools that exploit it, as it gets them more fame.

There are several dependencies for phpBB; a webserver (apache, IIS, etc), a database (server) (MySQL, SQL, Sql-Lite, etc), and any customizations or modifications a forum makes to it's code. Many times it's those dependencies that are responsible for the hack (in this case, though it could be the older version of the premium forum).

I can't wait until premium is back up. I feel like I'm slumming. :lol:

Get off my lawn! Yuppie.

Knightlife_in_Lubbock · March 19, 2007

I can't wait until premium is back up. I feel like I'm slumming. :lol:

You're ok it's still daylight. :wink:

Tracer Bullet · March 19, 2007

I can't wait until premium is back up. I feel like I'm slumming. :lol:

You're ok it's still daylight. :wink:

All I know is - I'm without premium today so I want a 16 cent refund!!!

[/heavy sarcasm]

wvcbxl · March 19, 2007

All I know is - I'm without premium today so I want a 16 cent refund!!!

[/heavy sarcasm]

Well, I sent Tim a PM about the problem before reading this thread, so I should probably pay him for wasting his time. :roll:

USSoccer · March 19, 2007

I'd take Turkish, from the look of everything.

yeah, I agree.

How much longer on those sausages?

2 minutes, Turkish

Derwood · March 19, 2007

Hackers: lowest form of life on earth?

Ding Dong Johnson · March 19, 2007

Hackers: lowest form of life on earth?

Spammers are worse, IMO.

Transmogrified Tiger · March 19, 2007

Hackers: lowest form of life on earth?

Spammers are worse, IMO.

At this point I wonder what motivates spammers. Is anyone really stupid to read emails that manage to get through filters? Is that percentage worth the consistent effort to try to outsmart those filters?

goonys evil twin · March 19, 2007

Hackers: lowest form of life on earth?

Spammers are worse, IMO.

At this point I wonder what motivates spammers. Is anyone really stupid to read emails that manage to get through filters? Is that percentage worth the consistent effort to try to outsmart those filters?

You'd have to assume it is worth it, financially.

Derwood · March 19, 2007

Hackers: lowest form of life on earth?

Spammers are worse, IMO.

At this point I wonder what motivates spammers. Is anyone really stupid to read emails that manage to get through filters? Is that percentage worth the consistent effort to try to outsmart those filters?

You'd have to assume it is worth it, financially.

Do they even get money if you read the spam? Only if you click their link, right?

I get endless amounts of spam on my yahoo email account from drug companies and "great investment opportunities on the stock market". you can throw the spam filter on them everytime, but the origin uses randomly created email addresses and are different every time. Very annoying

Post Count Padder · March 19, 2007

Hackers: lowest form of life on earth?

Quite possibly.

A New Era · March 20, 2007

Um, guys. Im supposed to have around 30 thousand posts. However they hacked me to say 3065. Hurry, put 30 thousand posts on my profile.

98navigator · March 20, 2007

Um, guys. Im supposed to have around 30 thousand posts. However they hacked me to say 3065. Hurry, put 30 thousand posts on my profile.

LOL, uh huh :wink:

A New Era · March 20, 2007

Um, guys. Im supposed to have around 30 thousand posts. However they hacked me to say 3065. Hurry, put 30 thousand posts on my profile.

LOL, uh huh :wink:

Damn. Or maybe I could be MR. INFORMATIVE and DILIGENT POSTER like YOU!! So NYAA! :P

What's going on?

Guest

Top Posters In This Topic

Top Posters In This Topic

Guest

Guest

Create an account or sign in to comment

Create an account

Sign in

Member Statistics

Prospect News & Highlights

Recent News

Notes & Rumors

Recent Blogs