Is It Me

Sasha

Sasha

Forum Chief
Messages
7,667
Reaction score
11
Points
0
Or is the forum missing a lot of posts from yesterday?
 
It was down for "emergency maintenance" at 2300 last night.
 
No no no, there are posts I remember reading yesterday before it went down and the posts are no longer there.
 
Brown thinks its not you, its Brown too!

Mrs Brown says its ALWAYS Brown .... man, what did Brown do? :D
 
Forum was hacked, it's prolly the latest good update.
 
exodus said:
Forum was hacked, it's prolly the latest good update.
Click to expand...

That is correct. The hack affected several hundred forums so to be safe we reverted back to the last update before the hack.
 
glad to know that I was not loosing my mind this morning. thought maybe someone slipped something into my coffee or something.:P
 
ffemt8978 said:
That is correct. The hack affected several hundred forums so to be safe we reverted back to the last update before the hack.
Click to expand...

Did you guys get the latest remote SQL Injection closed. (Obviously I wont post the location on the forum). Send me a PM if you guys haven't found it yet, and I will show you what script it is in.
 
EMTLifers,

Unfortunately a plugin for the forum software we are using allowed an outside source to gain access to the forum's administrator functions. The intruder then put the community in maintenance mode and defaced the site.

After initially restoring functionality and addressing the security concerns, I elected to revert the site back to a backup we had from the previous day. As a result, posts were lost and some members had to sign up again.

We're back!
 
MMiz said:
EMTLifers,

Unfortunately a plugin for the forum software we are using allowed an outside source to gain access to the forum's administrator functions. The intruder then put the community in maintenance mode and defaced the site.

After initially restoring functionality and addressing the security concerns, I elected to revert the site back to a backup we had from the previous day. As a result, posts were lost and some members had to sign up again.

We're back!
Click to expand...

Were our passwords and other user information compromised?
 
Unfortunately, I can't say with complete certainty what the hacker had access to, or whether any information is compromised. Based on my research, and posts at vBulletin.com, It appears as though the site was defaced.

vBulletin user passwords are encrypted, but I would still suggest changing your password at other websites if you use the same password for multiple logins.
 
MMiz said:
Unfortunately, I can't say with complete certainty what the hacker had access to, or whether any information is compromised. Based on my research, and posts at vBulletin.com, It appears as though the site was defaced.

vBulletin user passwords are encrypted, but I would still suggest changing your password at other websites if you use the same password for multiple logins.
Click to expand...

Unless they got the registration salts, things should be fine with the passes. I sent a Perl script to you, Mmiz. It is an SQL vuln that allows you to return a password (Salt and pass) from a given user.

I sent you the script so you could try it out on EMTLife to make sure that hole didn't need to be closed here.

Also, unless he had direct access to the Mysql or Phpmyadmin (Which has another password all together and is not even accessible at the administrative level by vbulletin), you are all good. Even when you go in the admin cp here to change someone's password, it doesn't show you their old one.
 
My mind is loose.
 
Seriously, am I the man to ask?

But the answer is, "Of course".

To BOTH questions.
 
You must log in or register to reply here.
Back
Top