Login

Skill · 06-21-2011, 08:48 AM

I missed all the drama as I haven't had internet access for the past week or so but I'm glad everything has been resolved.

cOld fus1on · 06-21-2011, 09:01 AM

Really happy to see the site back up! I'm new here, n kinda missed missed the place yesterday, lol!
Thanks Omni, for working so hard to get the site back up so quick...

Kewlz · (This post was last modified: 06-21-2011, 09:02 AM by Kewlz.)

What was the vulnerability here?
0day exploit?

Sam · 06-21-2011, 10:09 AM

We're not revealing the vulnerabilities yet, it was not a MyBB exploit, I can tell you that much. I'm sure you'll find out on HF.

Braco22 · (This post was last modified: 06-21-2011, 12:04 PM by Braco22.)

Yep, it was breached through an old site that wasn't updated. I believe it was a MyBB forum.

And after that they took access of the whole server which SF was on.

Opulence · 06-21-2011, 01:02 PM

That was a poor attempt to show skills, but I'm glad we're back up and running again.

Flamingo · 06-21-2011, 08:07 PM

(06-21-2011, 10:09 AM)Sam Wrote: We're not revealing the vulnerabilities yet, it was not a MyBB exploit, I can tell you that much. I'm sure you'll find out on HF.

That's odd, Omniscient explained it was due to an outdated MyBB forum he was running, which was still vulnerable to an old exploit.

Resistance · 06-21-2011, 08:26 PM

That is terrible, thank god I hope nothing was stolen such as my passwords. Yes I am a tad bit selfish lol

WiFiPunk · 06-21-2011, 08:53 PM

(06-20-2011, 05:00 PM)Nickpooz Wrote: yes all of hes site's was taken down by a bunch on immature kids, nothing special all sites are back up now

It's more like a bunch of immature adults but, you were on the right path.

Crayo · (This post was last modified: 06-22-2011, 12:04 PM by Crayo.)

(06-21-2011, 09:02 AM)Mr.Kewl Wrote: What was the vulnerability here?
0day exploit?

Not in MyBB, else they would of got Hack Forums too, a much bigger target. All of those sites I think were under the same host. There is an exploit you can upload onto shared servers that will give you root access, and quite a lot of shared hosting providers haven't patched it yet. HostGator was even vulnerable to this, as 2 of their servers were compromised and hundreds of databases were posted on a black hat site.

So basically, this isn't a MyBB issue.

(06-21-2011, 08:07 PM)Flamingo Wrote: That's odd, Omniscient explained it was due to an outdated MyBB forum he was running, which was still vulnerable to an old exploit.

His other forums were on older versions, but where did he say that? He posted on mybb.com saying it wasn't a MyBB issue, but did stress users to use the latest versions of MyBB at all times so perhaps it was. I'm pretty sure it was just his host that was fudged over, and since Omni doesn't manually secure those the sites were hacked. The HF server is manually secured by Omni, and whatever exploit they used, it clearly wasn't good enough to fudge HF over.

People, you need to stop making such a fuss. No need to give these guys more publicity than they want.

Login
Username:
Password:	Lost Password?
	Remember me