Jump to content

Crimson Guard forums hacked

baseballer790

By baseballer790
in Open World RP

 Share

Recommended Posts

  • Replies 142
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Finster Baby Newbie

Finster Baby

Posted
Posted

Having had to fight our way through several DDoS attacks a few months ago, I can certainly relate to the OP's frustration and anger.

I hope you catch 'em. Probability says you won't, but one can hope. We never did find who was attacking our fourms.

Good luck!

Link to comment
Share on other sites
Prime minister Johns Newbie

Prime minister Johns

Posted
Posted (edited)

People need to learn not to take the game so seriously that they commit real life criminal acts for a game.

I have had to deal with several hacker related incidents at work and it is never fun.

I hope they get caught and punished to the fullest extent of the law.

But realistically there is not a good chance of that happening.

Edited by Prime minister Johns
Link to comment
Share on other sites
Francesca Newbie

Francesca

Posted
Posted
I seriously hope neither of you are implying I had anything to do with this.

IC =/= OOC.

'Nuff said.

(Yes, I hate the "'Nuff said" meme, but it was appropriate for the situation)

You may not be my favourite person at the moment, but I don't believe for a minute you had anything to do with this.

The IC and OOC line doesn't necessarily apply here. IC and OOC you love attention. This 'hacking' lets you play victim over some petty death threats that mean nothing, and give you and CG the ability to spread your names around more and play the pity card.

Let's be honest, nobody out there has any sort of reason to attack forums of an alliance this new. I stand by this looking like a bad PR stunt.

You obviously have absolutely no idea how I or my alliance operate. Plus, I'd prefer for people to learn my name over something I feel proud of, than simply for having my forum hacked. Why would I want to become known for that?

I don't like hackers, but they at least picked the right forums to hit for once.

I'm disappointed that you would say something like this of my alliance, considering my high opinion of you.

Link to comment
Share on other sites
Mussolandia Newbie

Mussolandia

Posted
Posted (edited)

I find myself, strangely, in agreement with Seerow. It was also the first thing I thought about. It is apparent that this new alliance is already dismantling itself. This happened sooner than I expected.

Edited by Mussolandia
Link to comment
Share on other sites
Francesca Newbie

Francesca

Posted
Posted
I find myself, strangely, in agreement with Seerow. It was also the first thing I thought about. It is apparent that this new alliance is already dismantling itself. This happened sooner than I expected.

You seriously think that we'd destroy the boards we spent hours on for a moment of fame on the CNF? We can get that through hundreds of better methods.

Link to comment
Share on other sites
potato Newbie

potato

Posted
Posted
You seriously think that we'd destroy the boards we spent hours on for a moment of fame on the CNF? We can get that through hundreds of better methods.

Seeing as CG was mostly built around unreliable attention whores, it's not that far fetched to think so, yes.

Link to comment
Share on other sites
Drostan Newbie

Drostan

Posted
Posted (edited)

Let's look at this rationally. Pretty much every board stores passwords as encrypted md5 hashes eh? If your password is as strong as you claim it is then forget it. It was probably not hacked. It would take days at least to brute force the encrypted md5 hash if your password is not words but rather mixed case letters and numbers. Thus, usually you should start with the simple solutions first and eliminate them. Who else would have known your password? Did you give someone your password? Are you sure these things were done under your account?

Another thing that supports the theory that it is someone you know: ooc attacks. Didn't you say he knew both of your real names? Start thinking of people who know your names in real life. That should narrow it down.

The truth is that you could have been 'hacked' because SMF has several on-going exploits. The most likely one would be the avatar upload exploit. Disable avatar uploads on your SMF forums otherwise you may be sorry. You can turn it off, disable parsable php in avatar upload and then you can re-enable it. Basically his avatar injects code that allows him to retrieve all sorts of information from the forums databases. Attachments are also vulnerable if you have them on (few websites do). You're going to want to sort through themes etc as well and honestly, often times these exploiters inject the php code everywhere once they have access. So I'd do a clean install personally since your boards are new anyway. Check here for more information and make sure you're using the latest version of SMF:

http://www.simplemachines.org/community/in...opic=307717.360

EDIT: Anyway, if the ooc were personal, then chances are one of your 'friends' is a script kiddie. This is not really hacking as chances are good they simply downloaded the premade script and then uploaded it to the avatar settings page or the attachments option.

Edited by Drostan
Link to comment
Share on other sites
Gn0xious Jr Newbie

Gn0xious Jr

Posted
Posted

unfortunate to say the least.

as others have pointed out, this may have been caused by someone closer to you than you know or "can't consider" them ever doing something like this. In other words, someone you know/knew that is looking to get back at you for something they feel you've wronged them on (personal information and attacks suggest that they KNOW you)

hope this gets sorted out, it is never fun to see your outside work crumbled.

Link to comment
Share on other sites
Haflinger Newbie

Haflinger

Posted
Posted
Let's look at this rationally. Pretty much every board stores passwords as encrypted md5 hashes eh? If your password is as strong as you claim it is then forget it. It was probably not hacked. It would take days at least to brute force the encrypted md5 hash if your password is not words but rather mixed case letters and numbers. Thus, usually you should start with the simple solutions first and eliminate them. Who else would have known your password? Did you give someone your password? Are you sure these things were done under your account?

Drostan, most people aren't using SSL. All you need is a packet sniffer running on the host and every password is vulnerable.

Link to comment
Share on other sites
potato Newbie

potato

Posted
Posted
Erhm, people that are interested in security?

I hacked a few non-CN sites back in the days. And left a message on how to fix it. Not that hard imho.

You really need to learn how not to take things seriously. But thanks for that tidbit of info. Now I guess CG has a trace to follow ;)

Link to comment
Share on other sites
baseballer790 Newbie

baseballer790

Posted
  • Author
Posted
I laughed because this is EXACTLY what I was thinking. Getting hacked sucks, I know. However, you two probably brought it on yourselves if you didn't do it.

I don't like hackers, but they at least picked the right forums to hit for once.

So what you're saying is OOC attacks are okay as long as the person you're attacking is baseballer790 or baseballer790's alliance?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...