Users browsing this thread: 54 Guest(s)
tSR hacked
|
06-29-2009, 11:07 AM
(This post was last modified: 06-29-2009, 11:08 AM by Ridge Troopa.)
Couldn't hurt. But it might also be a good idea to wait until the staff have seen this.
BTW DragNaut, calm yourself. The staff will be able to handle it when they get here I'm sure.
06-29-2009, 11:09 AM
Crisis over, took 5 seconds to fix. NobodyCoder is a hacker from Iran who tries to spread political messages from what I can tell.
Apparently he doesn't like Israel.
06-29-2009, 11:11 AM
Figured it would be a quick fix. Thanking you, Dazz.
(06-29-2009, 11:09 AM)Dazz Wrote: Crisis over, took 5 seconds to fix. NobodyCoder is a hacker from Iran who tries to spread political messages from what I can tell. Dazz, your'e a life saver. thankyou so much oh yeah, and if you click on the link to the main page at the bottom, it takes you to the hack page.
06-29-2009, 11:17 AM
You just have to refresh, it'll be in your browser cache.
06-29-2009, 11:17 AM
Aw, I missed it.
06-29-2009, 11:22 AM
Dazz saves the day once again~
06-29-2009, 02:36 PM
thanks dazz, wjhen i saw that in the search box i was deeply offended!!!!! my brothers and sisters are from israel and i know they would not like this at all. thank you dazz. i can not thank you enough. ill give u all my rep you just own so much. fuck. god damn dazz. god damn. you just own. plain out own. dazzelz 3 xoxo
06-29-2009, 02:56 PM
I sense a ticket tape parade in the name of Dazz.
Job well done good sir.
06-29-2009, 03:17 PM
It was a MyBB vulnerability (color me unimpressed, why is MyBB so shitty).
The guy used a public MyBB 1.4.6 exploit, gained admin privileges on the forum (strangely enough, the account he used didn't have admin privileges anymore when I checked), dropped some php exploits into the forums cache folder because he couldn't write anywhere else (he didn't get root, couldn't escalate privileges. He could only run things with the same permissions as the webserver. He also failed to backdoor the forum's code for the same reason) Then he overwrote index.html, which is a cached file generated by tSR's update system (so the webserver must have permissions to write to it), which was promptly regenerated by Dazz when he hit the "Regenerate index" button. Then I just had to clean up the exploits he dropped and upgraded the forums so this wouldn't happen again.
06-29-2009, 03:55 PM
(06-29-2009, 02:36 PM)Solitaire Wrote: thanks dazz, wjhen i saw that in the search box i was deeply offended!!!!! my brothers and sisters are from israel and i know they would not like this at all. thank you dazz. i can not thank you enough. ill give u all my rep you just own so much. fuck. god damn dazz. god damn. you just own. plain out own. dazzelz 3 xoxo Search box? For me the page was just that text.
06-29-2009, 03:55 PM
06-29-2009, 04:56 PM
I'm part Israeli. But I did not check the TSR main page in a couple days, thus I didn't get to see the hack. But good job clearing it up anyway.
06-29-2009, 05:01 PM
I didn't actually se this happen. I was on this morning, but nothing happened. At least it's over
|
« Next Oldest | Next Newest »
|