DSLRUsers.com

Was peeved to see most of our messages and all our images gone, so thought I would post an image as it peeves me to let the hackers win (even if it is only for three days)

They haven't won.

Not even close.

I don't have a problem with hackers... the white hat hackers are fine by me.

However, black hat hackers and script kiddies piss the hell out of me.

I assume this is someone who modified a script? Half the forums one sees are powered by the same software.

I need to do a little more research, but it feels like an exploit that leads to SQL Injection.

Several tables were hacked in the DB, including the message posts tables, the forum lists, and the forum topics, as well as the special ranks.

While I've been able to recreate most of those by hand, the messages p[osts are another story, and they're the ones that need to be restored.

There were a couple of oddities in the users' tables - you, Leigh and Kipper were banned, and Leigh, Kipper and my records had been modified, but they were easy to recover too.

But nothing overly major - which is to expected given the negative IQ of the typical script kiddies that plagiarise this crap and their complete and utter inability to actually do anything remotely creative.

Most of the forums online are powered either by vBulletin (see OCAU) or what we use, phpBB, so I imagine it's more someone who may have modified a script, but probably didn't do much modification and used some html in a description field to provoke the different site transparency he was getting.

gstark wrote:There were a couple of oddities in the users' tables - you, Leigh and Kipper were banned, and Leigh, Kipper and my records had been modified, but they were easy to recover too.

It wasn't kipper.
It was Neeper.

Neeper was banned and renamed to "Idiot" because of what I think was a comment made about the origin of the attacker.

Yes the banning might have happened because I was online at the time, or maybe because he didn't like pastrycooks or more likely didn't like me. Birddy and I were speaking at the time and thought it was funny I was banned and he wasn't. Thanks guys for all the work on this, sounds like a long arduous night was had by you both.

Actually, this time it was mostly Dad on damage control.

It's usually like that.

Dad's the damage control expert.

I'm the creative solution expert.

At the moment, my creative solution is to drop an anvil on this turkey.

Or, even more creatively, drop Hansard on this turkey. Or get him to read it. Either are torturous enough.

have you got any IP logs to trace the hacker's location?

I noticed also that you have this time updated the forum software version to 2.017 and it was 2.011 when the hacker/script kiddy got his/her mits into it.

I didnt notice you had the older version till I saw the crap on the page today and scrolled down to see the version number. I had to totally re-script all my mods on mine into the new version a month and a half ago. Total pain in the @ss.

I hope you get the posts back from the backup of the SQL without any hassles!

cheers

Mark

Logs will be at the hosts site, and could be mammoth to look at. That said, some of their stats may provide a clue.

The exploit goes beyond 0.11; I think that even 0.16 was vulnerable to this one.

ouch


great work getting things up and going again so quickly Gary.

......the work, Gary and team put in is very much appreciated, I for one would like to help, but know very little about computer programming.........

I ended up with an E-mail of the same name..........

Glen was banned coz you were naughty lately
neeper was banned coz he stirred him up at first
Leigh was banned coz they knew him in one of the cubicle nearby and he got new name too
I was free cos they knew I'll go after them

At the end big thanks to Gary and Leigh to restore the service back to normal as quicker as you could. Those bastards should go to hell!

I'll buy you a drink next time we meet.

Glad the site is back up! those bastards!

If you Google search the spam that was on the site you can see that there are literally thousands of other sites affected. I doubt anyone personally did any of it.

http://www.google.com.au/search?num=100 ... arch&meta=

Live and learn. Patch your systems, read the vendors mailing lists, know your systems, back your systems up.

Cheers,

Luke

Guys - you are fantastic for getting the site back on line. I logged on last night, and couldn't cope - no D70 fix for the night !! ARRGHHHH

Thank you for saving my sanity (and the sanity of my other half)

Pharkin jerks

What a pain in the ass. Thanks for getting the site back up so quickly guys!