Hacker Logo

Thread Starter

Papabravo

Joined Feb 24, 2006
21,157
I don't know about you guys, but if this was my site I'd be moving Heaven and Earth to take down the hacker's logo. Do you care?
 

pebe

Joined Oct 11, 2004
626
Originally posted by Papabravo@Jun 13 2006, 01:04 AM
I don't know about you guys, but if this was my site I'd be moving Heaven and Earth to take down the hacker's logo. Do you care?
[post=17687]Quoted post[/post]​
Yes, I care about it but there's nothing I can do about it short of replying to the 'Contact' button and risking more spam/bugs.
 

kubeek

Joined Sep 20, 2005
5,794
Originally posted by pebe@Jun 13 2006, 09:18 AM
Yes, I care about it but there's nothing I can do about it short of replying to the 'Contact' button and risking more spam/bugs.
[post=17688]Quoted post[/post]​
clicking the Contact button does nothing. Leads to som odd-language site...
 

JoeJester

Joined Apr 26, 2005
4,390
Personally I would:

1. Shut down the forums and post the reason why on the main page.
2. Send an email to the address listed under contact and find out what's going on with your code.

Do a google search on the hackers name ... to get more information on them.

The opines out there have him ranging from providing a needed service [pointing out the security hole] to being malicious.

Leaving that advertisement up there is inviting malicious hackers to the site.

Email them.

Keep us posted.
 

hgmjr

Joined Jan 28, 2005
9,027
Originally posted by JoeJester@Jun 13 2006, 09:34 PM
Personally I would:

1. Shut down the forums and post the reason why on the main page.
2. Send an email to the address listed under contact and find out what's going on with your code.

Do a google search on the hackers name ... to get more information on them.

The opines out there have him ranging from providing a needed service [pointing out the security hole] to being malicious.

Leaving that advertisement up there is inviting malicious hackers to the site.

Email them.

Keep us posted.
[post=17704]Quoted post[/post]​
I am in complete agreement with JoeJester's suggestion. Shut down the site immediately until countermeasures to the security weakness can be arranged.

Good Luck,
hgmjr
 

JoeJester

Joined Apr 26, 2005
4,390
If you can't contact them, contact the owner of this Inversion Power Board;


http://phx.audiodragon.net/index.php?showtopic=288

Who wrote:

Hi,
It was brought to my attention by Crowind earier today that these forums had been hacked. This alleged hacker, named the "Silvery Hat Hacker" is what is know as a 'Whitehat Hacker'** - I have disabled all search functions to these boards until I figure out exactly where this hole is and how to allow search without leaving the explot open. I do somewhat thank this hacker, but it is very annoying to have this exploit pointed out (rather than privately e-mailed to me) and then have all admin accounts locked. With some work in the MySQL Database of the Audiodragon.net server, I was easily able to fix all the minor changes the hacker made.

All is well, not to fear. :)

-RedemptionAD

**(Whitehat Hacker - A hacker who will use a securtiy hole, exploit or some path to enter/hack into a system for the sole purpose to warn the administrator there are flaws. Usually won't cause much damage, but it can be an annoyance.)
 

Thread Starter

Papabravo

Joined Feb 24, 2006
21,157
I think the members owe JoeJester a debt of gratitude for stepping in to help solve a problem that caused an admin to whine that there was nothing he could do. If you're going to run a site then, do it with a measure of competence and professionalism. You're really not looking too good on this one.

Thanks JoeJester!
 

BladeSabre

Joined Aug 11, 2005
105
it is very annoying to have this exploit pointed out (rather than privately e-mailed to me) and then have all admin accounts locked
If the hacker locks the admin accounts, then I wonder how the admins are supposed to fix the problem? Unless it's a problem that only the primary admin would be able to fix anyway.
 

JoeJester

Joined Apr 26, 2005
4,390
According to the Inversion Power boards there are two upgrades to this forum software.

http://forums.invisionpower.com/index.php?showtopic=215527 is the inversion power board forum talking about security updates.

This post outlines the steps required to update your IPB 2.0.x or IPB 2.1.x for this security update.
If you've downloaded IPB 2.1.6 since the time of this post, there is no need to update your installation as the main download has been updated.
 

pebe

Joined Oct 11, 2004
626
Originally posted by Papabravo@Jun 14 2006, 12:31 PM
.........a problem that caused an admin to whine that there was nothing he could do.........
[post=17720]Quoted post[/post]​
I must have missed that posting.
 

BladeSabre

Joined Aug 11, 2005
105
The memberlist shows the admins as jrap and Dave. Unless one of those two uses an alternate account, neither has been around for a while. Do they even know about this?
 

Thread Starter

Papabravo

Joined Feb 24, 2006
21,157
Originally posted by pebe@Jun 15 2006, 02:34 AM
I must have missed that posting.
[post=17727]Quoted post[/post]​
I may have assumed from a literal reading of your post that you had some involvement with the running of the board. If I mistakenly thought that then I retract my earlier comment.
 

hgmjr

Joined Jan 28, 2005
9,027
Originally posted by BladeSabre@Jun 15 2006, 03:14 AM
The memberlist shows the admins as jrap and Dave. Unless one of those two uses an alternate account, neither has been around for a while. Do they even know about this?
[post=17730]Quoted post[/post]​
You may be right bladesabre. I have used the "REPORT" feature to alert the administrators of this intrusion. Dave is generally prompt to acknowledge my messages. Like you I think Dave is on hiatus at the moment so you may be right in your assumption that there is noone at the adminstrator level to react to this issue.

In the meantime, I see little recourse but to endure the logo and hope that further mischief is not forthcoming.

hgmjr
 

pebe

Joined Oct 11, 2004
626
Originally posted by Papabravo@Jun 15 2006, 10:38 AM
I may have assumed from a literal reading of your post that you had some involvement with the running of the board. If I mistakenly thought that then I retract my earlier comment.
[post=17731]Quoted post[/post]​
Your original post addressed 'you guys'. That means members, anybody and everybody, Uncle Tom Cobly and all.

I was replying as a member - and I was *NOT* whining !!! So perhaps in future you could refrain from discourtesies.
 

beenthere

Joined Apr 20, 2004
15,819
Hi,

The added logo is obnoxious, but not a big deal. I don't think there's much at risk on the board, such as personal information. I suppose the dear boy is convinced he's doing the world a favor. Wish he and others would concentrate on Microsoft and try to get that act together.

What I find more distressing than the site hack is the number of suspicious messages in the Off Topic area. Some of these appear to be phishing sites. Be nice to have the more egregiously wierd ones deleted promptly.
 

n9352527

Joined Oct 14, 2005
1,198
Originally posted by beenthere@Jun 15 2006, 02:10 PM
Hi,

The added logo is obnoxious, but not a big deal. I don't think there's much at risk on the board, such as personal information. I suppose the dear boy is convinced he's doing the world a favor. Wish he and others would concentrate on Microsoft and try to get that act together.

What I find more distressing than the site hack is the number of suspicious messages in the Off Topic area. Some of these appear to be phishing sites. Be nice to have the more egregiously wierd ones deleted promptly.
[post=17736]Quoted post[/post]​
*Agree*. When Dave or the other admins regain their accounts back, I suspect they are all currently locked out and trying to find a way in.
 

JoeJester

Joined Apr 26, 2005
4,390
I agree the notice is a pain in the butt.

I'm also sure Dave is doing whatever he thinks he needs to do.

I still stand by my recommendations and I think we are all on edge because we are in the dark into any activity by Dave and his team.

Giving them room to work is probably the number one reason why I recommended to shut the site down ...

I wish Dave luck in resolving this problem in an expedient manner.
 

Thread Starter

Papabravo

Joined Feb 24, 2006
21,157
Originally posted by pebe@Jun 15 2006, 07:57 AM
Your original post addressed 'you guys'. That means members, anybody and everybody, Uncle Tom Cobly and all.

I was replying as a member - and I was *NOT* whining !!! So perhaps in future you could refrain from discourtesies.
[post=17734]Quoted post[/post]​
You're entitled to your interpretation just like everyone else. I don't agree with your position, but that's the way it goes. If you're offended then I apologize, but it's too late to put the horse back in the barn.
 

Thread Starter

Papabravo

Joined Feb 24, 2006
21,157
Originally posted by JoeJester@Jun 15 2006, 01:02 PM
I wish Dave luck in resolving this problem in an expedient manner.
[post=17741]Quoted post[/post]​
I see that he was successful. I'd like to hear the story if he wants to share it with us.
 

Dave

Joined Nov 17, 2003
6,969
Hi all.

I have been away for a few days, jrap has got on top of the problem in my absence. I will endeavour to find out the finer details on what is going on and feedback the information. I would like to be the first to apologies for any offense that has been caused during this unfortunate incident.

In response to the influx of crap in the Off-Topic Lounge, I have now deleted all offending posts. If there are other offending posts still active please PM me.

Lastly, thank you to all those that PMed me regarding the recent issues.

Dave
 
Top