Some fucking faggot hacked BWUSA, ran some dumb fucking script that totally fucked the site.

Lost all my Yankee League 2 info, every recent forum post and everything, jesus what a damn faggot whoever did it.

Now I have to re-do everything T__________________T

Xeofreestyler

Belgium6771 Posts

June 05 2008 00:28 GMT

Aww man that sucks
were you using custom scripting or a certain premade template for site/forum?

Carnac

Germany / USA16648 Posts

June 05 2008 00:30 GMT

No backup?
Not that it wouldnt make the person responsible less of a jerk :>

YPang

United States4024 Posts

June 05 2008 00:33 GMT

"ehh... i was testing to see what my script would do, no harm was intended"-random hacker.

paper

13196 Posts

June 05 2008 00:34 GMT

pretty lame =T

ForAdun

Germany986 Posts

June 05 2008 00:37 GMT

wtf, this is absolutely not cool at all. Not that any hacker is any cool but this is even less than not cool. Damn, can't you hackers hack sites that deserve it? Damn...

._.

1133 Posts

June 05 2008 00:38 GMT

can you trace?
Did you find out how he did it?

Xeris

Iran17695 Posts

June 05 2008 00:40 GMT

ran some script that fucked up SQL database or something. luckily there were backups made for the site, but I lost all recent forum info, basically EVERYTHING on Yankee League 2 and all recent NW's we played in the past 1.5 months is gone.

alffla

Hong Kong20321 Posts

June 05 2008 00:45 GMT

shittttttttt

my sympathies ;-;

ulszz

Jamaica1787 Posts

June 05 2008 00:58 GMT

#10

that sucks, sorry bro

thunk

United States6233 Posts

June 05 2008 00:59 GMT

#11

That sucks dude.

ThE_OsToJiY

Canada1167 Posts

June 05 2008 01:01 GMT

#12

Why didnt he go for a crappy game, like WoW or something

Xeris

Iran17695 Posts

June 05 2008 01:07 GMT

#13

no idea, cuz they are huge fags.

iNcontroL

USA29055 Posts

June 05 2008 01:13 GMT

#14

that is sad

Coulthard

Greece3359 Posts

June 05 2008 01:28 GMT

#15

omg T_T

HeadBangaa

United States6512 Posts

June 05 2008 01:31 GMT

#16

Really really shitty...

SQL injection? Admin password hacked? What happened?

Harem

United States11390 Posts

June 05 2008 01:47 GMT

#17

Wow, that's ghey. -_-

thedeadhaji

39489 Posts

June 05 2008 01:54 GMT

#18

Uris

United States47 Posts

June 05 2008 02:01 GMT

#19

a d- noob probably got mad and then took out his anger at bwusa.org

what an ass, who ever did this.

Aurious

Canada1772 Posts

June 05 2008 02:02 GMT

#20

Like I said Xeris talk to steve, same guy hacked sMi site to he has the IP

Xeris

Iran17695 Posts

June 05 2008 02:05 GMT

#21

ya I know... he's investigating it, we'll find out who did it soon. vengeance shall be had.

MoNKeYSpanKeR

United States2869 Posts

June 05 2008 02:27 GMT

#22

the site looks fine to me, what exactly is wrong with it?

Also sorry to hear it Xeris. I wonder who did it?

MoNKeYSpanKeR

United States2869 Posts

June 05 2008 02:31 GMT

#23

also will this delay tomorrow YL? I'm playing in it and if you reschedule i might not be able to play since i could be working.

Xeris

Iran17695 Posts

June 05 2008 02:32 GMT

#24

yes, tomorrow it will continue as planned.

it was fixed, just all the forum data was lost...

Centric

United States1989 Posts

June 05 2008 02:44 GMT

#25

That really sucks man...hope you can get it all together quickly. Also hope you find the bastard.

FragKrag

United States11552 Posts

June 05 2008 02:44 GMT

#26

Why is this in a blog? It should definitely be a post in the BW forum.

Xeris

Iran17695 Posts

June 05 2008 03:56 GMT

#27

who the hell cares where it is -________-; blog is the same shit as a forum post anyways, it's the exact same format, it's just in a different subsection of the site

Skew

United States1019 Posts

June 05 2008 05:23 GMT

#28

Sorry Xer.

I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around.

Xeris

Iran17695 Posts

June 05 2008 05:55 GMT

#29

ya , we're going to start doing daily backups

Xeln4g4

Italy1209 Posts

June 05 2008 08:15 GMT

#30

retarded idiots are everywhere ...

yenta

Poland1142 Posts

June 05 2008 09:08 GMT

#31

You should be taking daily dumps of your database. I don't see it as being so big that it would matter. Just add it as a shell command to your crontab, one line to save the days dump as some date-valued file, another to delete backups older than say a week.

yenta

Poland1142 Posts

June 05 2008 09:16 GMT

#32

On June 05 2008 14:23 Skew wrote:
Sorry Xer.

I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around.

Logs?

Check your db logs - if they are set up right they should have a record of the statement that caused the wipe.

Also. you should be logging any input that is not standard, or since its a small site, just log all input and clean your logs once they are older than a week.

Jank

United States308 Posts

June 05 2008 10:24 GMT

#33

Probably the result of sql injection. Make sure you patch the hole and not just restore everything and pretend it never happened. Go through all your code making sure all the input is properly sanitized.

QuanticHawk

United States32069 Posts

June 05 2008 12:26 GMT

#34

If I remember, steve said it was an sql, cuz the smi site got hacked yesterday too.

MasterOfChaos

Germany2896 Posts

June 05 2008 14:16 GMT

#35

If the attacker was not entirely supid(which is well possible, 1337 scriptkiddies often are) then your IP will be a random TOR exitnode, or an open wlan.
Did you already find out how he killed your db?

Flaccid

8837 Posts

June 05 2008 17:45 GMT

#36

Not much detail is given in this blog post, so here is a link to what happened:

Description of hack

To quote this guy's post:

This is a Windows vulnerability. What the hacker did was attempt to run around the code and gain access to the asp.net Windows Media Player library via our /images/ folder. They found an image they liked, They ran a some kind of script, and gained access to run a sql instertion script that the application itself did not allow.

Sneaky fucker.

Apparently, this a vulnerability that Microsoft put out a patch to, and our hosting provider didn’t run it against our VPS yet.

So to protect your server against this hack, have your hosting provider run the latest updates for the vulnerability.

So it's really not a matter of basic SQL-injection. That stuff is protected against in the code in several different ways. It's a server-side vulnerability that is exploited and something most people have no control over. The only sites at risk are those running on a Windows server. Just do a google search and you'll see the hundreds of thousands of sites that have been hit in this way.

Point being we have to go a roundabout way to prevent this from happening again, and again, and again... and again.....

That's the internet for you.

Jonoman92

United States9104 Posts

June 05 2008 18:29 GMT

#37

I wondered what was going on. I was looking for the thread with the info about my challenge and I realized the most recent threads were from a while ago.

Goosey

United States695 Posts

June 05 2008 18:36 GMT

#38

That sucks. :| I am surprised your host doesn't do regular backups

edit: oh and they run Windows Server? Unless you are reliant on that software stack I would recommend switching hosts for sure. Daily backup is pretty much standard.

nofAcedAgent

United States952 Posts

June 05 2008 19:27 GMT

#39

On June 05 2008 12:56 Xeris wrote:
who the hell cares where it is -________-; blog is the same shit as a forum post anyways, it's the exact same format, it's just in a different subsection of the site

Chill yo~ I think he just meant it would get noticed by more people in the brood war section, hes not the one that hacked you, control your rage (;p) (not that I know the benefit of having more viewers)

Anyway, hope the bastard gets caught man, sorry to hear it

Xeris

Iran17695 Posts

June 05 2008 22:00 GMT

#40

Apparently whoever did it tried to do it again last night and today -___________- !!

Woo I hope whoever hacked my site shows up to a LAN.

Flaccid

8837 Posts

June 06 2008 20:05 GMT

#41

So they just tried it again about 30 minutes ago and instead found themselves redirected to lemonparty.org.

Life's a bitch.

I guess things are good now, that is until they find some new way to do us up the butt.