InvisibleYthanA
٩(●̮•̃)۶
Male

Registered: 08/08/97
Posts: 16,836
Loc: NY/MA/VT Border, USA Flag
The Recent Bulletin Board Exploit
    #3006109 - 08/15/04 07:23 PM (12 years, 3 months ago)

Late last night, a surprise attack occurred on the site when an unknown individual was able to gain administrative access to the bulletin board for a short period of time. Before we were able to react, he (or she) changed many forum names and descriptions, demoted all the moderators and administrators, and began a mass-deletion of private messages. The attacker almost certainly intended to delete all posts as well, but Vamp's quick reaction allowed us to save most of our data.

We had to take our server offline in the immediate aftermath of the attack to prevent further damage. During this downtime we retrieved as much data as possible from backups, repaired and rebuilt our databases, and began looking into the nature of the exploit.

Unfortunately, many private messages sent in the past week could not be recovered. For this we truly apologize. Know that we did everything possible to retrieve as much lost data as possible, and we have taken several effective steps to secure our server against similar attacks until we can track down the exact nature of the problem. The entire team is focused on doing whatever is necessary to protect the Shroomery and we appreciate your understanding during this time.

If anyone has questions about the situation, the admins will do our best to answer them but it may take a while for the full picture to emerge.

Peace,

-Y


OfflineBarbi
Plastic Person

Registered: 04/22/02
Posts: 12,976
Last seen: 12 years, 1 month
Re: The Recent Bulletin Board Exploit [Re: ]
    #3006140 - 08/15/04 07:32 PM (12 years, 3 months ago)

I'm here and available to help as always.

interesting facts:

he has UBBthreads running on an IIS machine.

:smile:

i registered.


OfflineCaRnAgECaNdYS
Tool's groupie
Female User Gallery

Registered: 04/09/04
Posts: 11,505
Loc: Billy Howerdel's closet
Last seen: 1 month, 12 days
Re: The Recent Bulletin Board Exploit [Re: ]
    #3006282 - 08/15/04 08:31 PM (12 years, 3 months ago)

You guys rock! Even though you guys were only offline for a short time, I missed this place. I come here for several reasons. One being the information I gain from the site, another is the enjoyment from reading some of the off the wall topics. Crazy stuff!  The most important though, are the people. I love the people here. Some have brought me comfort, happiness, sadness and a feeling of belonging to something special. I met my current boyfriend off his site! For me, the shroomery is not just some website I visit, it's family, a home to go to. The Shroomery is forever!

So thank you so much! This place is forever "logged" into my heart!

:heart: :heart: :heart: :heart: :heart: :heart: :heart: :heart: :heart: :heart:


--------------------

The secret to being funny is to say smart things stupidly, or is it stupid things smartly? Whatever..it's not rocket surgery...or something like that.


InvisibleThorA
Anti-Theist OVERLORD
Male User Gallery

Registered: 08/12/98
Posts: 9,875
Loc: Calgary, Canada
Re: The Recent Bulletin Board Exploit [Re: ]
    #3006300 - 08/15/04 08:36 PM (12 years, 3 months ago)

Thank you so much Ythan and Vamp for working your asses off in the last 24hrs to get this place back up.

We don't take attacks like this lightly, we will get to the bottom of this and get our culprit.


Invisibleeric_the_red
 User Gallery

Registered: 02/28/03
Posts: 12,831
Loc: happy land
Re: The Recent Bulletin Board Exploit [Re: Thor]
    #3006333 - 08/15/04 08:46 PM (12 years, 3 months ago)

:lol:
thor, you're a mod now. sorry, i couldn't help but laugh at that one.

i really hope you guys get this wanker. i lost a few valuable pms, but that's nothing in the grand scheme of things.

i googled "sardak" and this is what it shows. there are a few different "sardak" profiles on different boards. this may not help you find him, but i thought i'd throw it out there anyway. maybe there is something you can do with it.


--------------------


Anno cock? is that some kind of Greek liqueur? -Geo's All Knowing Sex Slave


Edited by eric_the_red (08/15/04 11:23 PM)


InvisibleRipple
Ripple
Male User Gallery

Folding@home Statistics
Registered: 05/16/02
Posts: 21,014
Loc: the timbers of Fennario
Re: The Recent Bulletin Board Exploit [Re: ]
    #3006667 - 08/15/04 10:16 PM (12 years, 3 months ago)

Thank you Ythan and great job Vamp!


--------------------
The bus came by and I got on that's when it all began!



Invisiblesilversoul7
Chill the FuckOut!
 User Gallery

Registered: 10/10/02
Posts: 27,301
Loc: mndfreeze's puppet army
Re: The Recent Bulletin Board Exploit [Re: ]
    #3006886 - 08/15/04 11:23 PM (12 years, 3 months ago)

Ythan and Vamp save the day!  Thank you so much guys!  You're my heroes! :cheers:


--------------------


"It is dangerous to be right when the government is wrong."--Voltaire


Offlinewhiterabbit13
I'm late

Registered: 02/21/04
Posts: 1,360
Loc: Down the rabbit hole
Last seen: 11 years, 1 month
Re: The Recent Bulletin Board Exploit [Re: silversoul7]
    #3007155 - 08/16/04 12:12 AM (12 years, 3 months ago)

Yes thanks for the quick thinking. :thumbup:


--------------------


InvisiblePapaverS
Madmin Emeritus?

Registered: 06/01/02
Posts: 26,880
Loc: Radio Free Tibet!
Re: The Recent Bulletin Board Exploit [Re: ]
    #3007204 - 08/16/04 12:21 AM (12 years, 3 months ago)

Good work, Ythan and Vamp! :cool:

I'd just like to add that we've had a couple member accounts lost, which we'll need to re-instate. So far, I know we've lost both Bo0 and Fuman(SporeSure). If anyone knows of any other member accounts which have been lost, please let us know who they are, so we can work to re-instate them. Thanks. :smile:


--------------------


Invisibleutopianglory
Spunkmuffin
Registered: 07/20/02
Posts: 965
Re: The Recent Bulletin Board Exploit [Re: ]
    #3007397 - 08/16/04 01:07 AM (12 years, 3 months ago)

I wonder if he/she deleted accounts of people that they had tangled with here. Might make it easier to track down this person.


InvisibleYthanA
٩(●̮•̃)۶
Male

Registered: 08/08/97
Posts: 16,836
Loc: NY/MA/VT Border, USA Flag
Re: The Recent Bulletin Board Exploit [Re: Papaver]
    #3007867 - 08/16/04 03:16 AM (12 years, 3 months ago)

Okay I think I should have restored almost all (if not all) deleted accounts, but their old posts will still show up as anonymous unless I can figure out some clever way to tie them back to their original poster. There were about 10,000 accounts gone so it apparently wasn't targeted towards specific users. However, he did manually ban three accounts: 'Administrator', 'matts' and 'Suntzu' (in that order). What this means is open to interpretation.

Vamp has identified the bug which we think was used to exploit the BB, and as I type this Anno is working to fix it. Hopefully things should be getting back to normal soon. :smile:

Peace,

-Y


Invisible40oz
 User Gallery

Registered: 01/19/01
Posts: 30,035
Loc: Sandy Eggo. Ca.
Re: The Recent Bulletin Board Exploit [Re: ]
    #3007955 - 08/16/04 03:51 AM (12 years, 3 months ago)

great job Ythan & Vampppppp! :sun:


--------------------
:pacman: - - - -  :pill: :mushroom2: :pill2: :mushroom2: :regularshroom: :mushroomgrow: :pill: :pill2: :mushroom2: :poison:

:sun::heart::sun:

tiny_rabid_birds said:
"your avatar is dirty."


OfflineRandolph_Carter
НơĻ?ĢΉō

Registered: 06/14/00
Posts: 29,281
Loc: Shroomery B-list.
Last seen: 6 years, 6 months
Re: The Recent Bulletin Board Exploit [Re: 40oz]
    #3007981 - 08/16/04 04:01 AM (12 years, 3 months ago)

That's what i'm sayin.


--------------------
"..all those molecules thrashing their kinky little tails, hot for destiny and the street."  Gibson


Nuke baby seals for Jesus!

(This has been a +1 production.)


OfflineRandolph_Carter
НơĻ?ĢΉō

Registered: 06/14/00
Posts: 29,281
Loc: Shroomery B-list.
Last seen: 6 years, 6 months
Re: The Recent Bulletin Board Exploit [Re: Papaver]
    #3008060 - 08/16/04 04:38 AM (12 years, 3 months ago)

Based off of the "coolest shroomery chicks" poll, impala is unregistered.
Unsure if this is intended or not.


--------------------
"..all those molecules thrashing their kinky little tails, hot for destiny and the street."  Gibson


Nuke baby seals for Jesus!

(This has been a +1 production.)


Anonymous

Re: The Recent Bulletin Board Exploit [Re: ]
    #3008073 - 08/16/04 04:49 AM (12 years, 3 months ago)

Should we, the common user, take the precaution of changing our passwords? I'm unaware if it would have been possible for them to be collected from the site during this incursion.


Offlineshirley knott
not my real name
 User Gallery
Registered: 11/11/02
Posts: 9,103
Loc: London Flag
Last seen: 10 months, 8 days
Re: The Recent Bulletin Board Exploit [Re: 40oz]
    #3008100 - 08/16/04 05:05 AM (12 years, 3 months ago)

Quote:

fortyounces2freedom said:
great job Ythan & Vampppppp! :sun:



:blowjob: :wink:


--------------------
buh


InvisibleYthanA
٩(●̮•̃)۶
Male

Registered: 08/08/97
Posts: 16,836
Loc: NY/MA/VT Border, USA Flag
Re: The Recent Bulletin Board Exploit [Re: ]
    #3008138 - 08/16/04 06:02 AM (12 years, 3 months ago)

Fortunately, you can't find out someone's password through the admin interface. You can change it to something else, but if you're able to log in then your password wasn't changed and you should be safe. Still, this should serve as a reminder that there are people out there who will take any opportunity to fuck with us so if you have an insecure password, now would be a good time to change it to something more complex.

Thanks!

-Y


OfflineBarbi
Plastic Person

Registered: 04/22/02
Posts: 12,976
Last seen: 12 years, 1 month
Re: The Recent Bulletin Board Exploit [Re: ]
    #3008160 - 08/16/04 06:25 AM (12 years, 3 months ago)

I still think you guys should force a mandatory password change on all users on next login.

He was able to inject directly into tables, no reason why he couldn't dump from there either.. raw sql is raw sql.


InvisibleYthanA
٩(●̮•̃)۶
Male

Registered: 08/08/97
Posts: 16,836
Loc: NY/MA/VT Border, USA Flag
Re: The Recent Bulletin Board Exploit [Re: Barbi]
    #3008213 - 08/16/04 07:14 AM (12 years, 3 months ago)

That's true, but only the password's MD5 hash is stored in the DB which would make it a lot harder to determine what the original password was.

However, if the attacker did get a copy of the users table, Anno uncovered an exploit which might let him gain access to accounts without needing their password. Since changing your password will make you immune to this exploit, I'm reversing my advice. I may make it mandatory after addressing some of the more pressing issues.
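
The mandatory password change discussed in the posts above, sketched as an added example (not code from the Shroomery or UBBthreads): every account is flagged after the incident, a login with the old MD5-hashed password only leads to a change form, and the new password is stored with a per-user salt and PBKDF2. The table layout, field names, iteration count and sample rows are assumptions constructed for illustration.

```python
import hashlib, hmac, os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

def legacy_md5(password):
    # Unsalted MD5 hex digest: the storage format described in the thread.
    return hashlib.md5(password.encode()).hexdigest()

def new_record(password):
    # Per-user random salt + slow KDF, stored as "pbkdf2$<salt>$<key>".
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2${salt.hex()}${key.hex()}"

def verify(password, stored):
    if stored.startswith("pbkdf2$"):
        _, salt_hex, key_hex = stored.split("$")
        key = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                  bytes.fromhex(salt_hex), ITERATIONS)
        return hmac.compare_digest(key.hex(), key_hex)
    return hmac.compare_digest(legacy_md5(password), stored)

def flag_all_for_reset(users):
    # Run once after the incident: every account must pick a new password.
    for row in users.values():
        row["must_change"] = True

def login(users, name, password):
    row = users.get(name)
    if row is None or not verify(password, row["pw"]):
        return "denied"
    return "change_required" if row["must_change"] else "ok"

def change_password(users, name, old, new):
    row = users.get(name)
    if row is None or old == new or not verify(old, row["pw"]):
        return False
    row["pw"] = new_record(new)   # the copied MD5 value is no longer stored
    row["must_change"] = False
    return True

def sample_users():
    # Constructed rows: two members who happen to share one password.
    return {n: {"pw": legacy_md5("mushroom1"), "must_change": False}
            for n in ("alice", "bob")}
```

With unsalted MD5 the two sample rows hold the same value; after the forced change each row has its own salt, so equal passwords no longer produce equal records.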


InvisibleZero7a1
Leaving YourWasteland

Registered: 10/23/02
Posts: 3,594
Loc: Passing Cloud
Re: The Recent Bulletin Board Exploit [Re: Thor]
    #3008319 - 08/16/04 09:43 AM (12 years, 3 months ago)

I was starting to wonder... I couldn't log in at all yesterday, and when i just got back today, some of my recent pms had been deleted.

Hope all goes well.


--------------------
What?


Copyright 1997-2016 Mind Media. Some rights reserved.