Omnimaga

Omnimaga => News => Topic started by: DJ Omnimaga on June 24, 2011, 01:11:33 am

Title: Website hacking attempt?
Post by: DJ Omnimaga on June 24, 2011, 01:11:33 am

There was an attempt at hacking or vandalizing the Omnimaga website around midnight, which caused all forum attachments to go down. This was done via a script used to clean orphaned files that was ran recently on the server and on TIMGUL's a week or two ago. However, the admin who ran the script forgot to remove it afterward, then tonight, somebody who most likely have read the IRC logs and read about that script probably have tried to launch the script in malicious ways to delete content.

Thankfully, all but 118 attachments were put back online about 30 minutes later, thanks to Juju, then we managed to retrieve the 118 missing files afterward to move them in their original location.

Safety measures were quickly employed afterward, so everything should be back to normal now, with all 6509 attached files available again. Sorry for the inconveniences the files downtime might have caused.

Edit by Juju: After further investigation, we found out no hacking or vandalizing was attempted. Said admin accidentally ran the script a second time, causing the attachments folder to be renamed and the attachments system to malfunction. I was able to easily undo the effects under 30 minutes, thankfully. However it was a good thing this was immediately spotted, so we could remove the script now, in case.

Title: Re: Website hacking attempt
Post by: XVicarious on June 24, 2011, 01:13:07 am

Sigh... People these days... It annoys me. We didn't do anything wrong. That we know of... If you think we did, confront us before you attack us...

Title: Re: Website hacking attempt
Post by: Netham45 on June 24, 2011, 01:14:17 am

My bad on leaving the script on there, I should have known better.

Title: Re: Website hacking attempt
Post by: DJ Omnimaga on June 24, 2011, 01:15:26 am

It's ok. Normally SMF scripts shows a warning on the forums telling admins to remove them (like upgrade.php, install.php, convert.php, repair_settings.php), but for some reasons that one didn't O.O

Title: Re: Website hacking attempt
Post by: Juju on June 24, 2011, 01:16:45 am

Indeed, the script only renamed the attachments folder away. I renamed it back to where it originally was, then noticed I forgot 118 files (that I thought were incorrectly named) and put them back in the right folder.

No data were lost, fortunately. And, of course, the script was deleted.

Title: Re: Website hacking attempt
Post by: Jim Bauwens on June 24, 2011, 02:47:48 am

I'm glad that nothing bad happened.

Could it be that the script was accessed by accident? Or does someone really have to search for it to find it?

Title: Re: Website hacking attempt
Post by: Juju on June 24, 2011, 02:52:08 am

Either someone got the name of the script on IRC, or Netham45 executed the script a second time by rebooting his browser. In fact it's the latter.

Title: Re: Website hacking attempt
Post by: Netham45 on June 24, 2011, 02:54:38 am

Once again, mah bad. :P

Title: Re: Website hacking attempt
Post by: aeTIos on June 24, 2011, 02:59:32 am

Great job putting it back up! hope this won't happen too much in the future...

Title: Re: Website hacking attempt
Post by: DJ Omnimaga on June 24, 2011, 03:16:14 am

I see juju, well at least this is solved though.

Title: Re: Website hacking attempt?
Post by: Munchor on June 24, 2011, 04:04:17 am

Well, the only thing I notice in this topic, besides a mistake by one of the manager is Juju's good job.

Seriously, Juju saved the attachments and I think he deserves some recognition =D Nice job and thanks!

Title: Re: Website hacking attempt?
Post by: NeoCrisis on June 24, 2011, 04:54:30 am

thanks Juju!
some bad people still want to attack and destroy the main TI communities (as TI-Bank and Omnimaga), but we'll fight until death!! >:D

Title: Re: Website hacking attempt?
Post by: Munchor on June 24, 2011, 07:30:31 am

Quote from: rayquaza59 on June 24, 2011, 04:54:30 am

thanks Juju!
some bad people still want to attack and destroy the main TI communities (as TI-Bank and Omnimaga), but we'll fight until death!! >:D

:w00t: Fight until dead, that sounds epic :D

Title: Re: Website hacking attempt?
Post by: ztrumpet on June 24, 2011, 11:10:20 am

* ZTrumpet eats teh Netham and thanks juju and DJ

Thanks. :D (to you too, Netham.)

Edit: Please note that my edit to the first post was just to add bold. :)

Title: Re: Website hacking attempt?
Post by: jnesselr on June 27, 2011, 09:08:50 pm

Well, glad to see it was resolved at least.  On the off chance that someone did ever hack us, we could use our combined calculator power to DDOS them!

Glad to see that everything is okay now.

Title: Re: Website hacking attempt?
Post by: DJ Omnimaga on June 27, 2011, 09:09:33 pm

Lol graphmastur. Also I am happy we spotted the script though because someone could have hacked us easily x.x

Title: Re: Website hacking attempt?
Post by: Netham45 on June 27, 2011, 10:15:57 pm

Quote from: graphmastur on June 27, 2011, 09:08:50 pm

Well, glad to see it was resolved at least.  On the off chance that someone did ever hack us, we could use our combined calculator power to DDOS them!

Glad to see that everything is okay now.

I bet 500 calculators could easially generate 100 packets a second to DDoS someone with.

Title: Re: Website hacking attempt?
Post by: DJ Omnimaga on June 27, 2011, 10:25:51 pm

Lol. This would be funny if it actually worked, though :P

Title: Re: Website hacking attempt?
Post by: ruler501 on June 27, 2011, 10:37:18 pm

Quote from: Netham45 on June 27, 2011, 10:15:57 pm

Quote from: graphmastur on June 27, 2011, 09:08:50 pm

Well, glad to see it was resolved at least.  On the off chance that someone did ever hack us, we could use our combined calculator power to DDOS them!

Glad to see that everything is okay now.

I bet 500 calculators could easially generate 100 packets a second to DDoS someone with.

That would be scary as hell if you could get all of the community calcs trying to DDoS one site