EPTLost all my Yankee League 2 info, every recent forum post and everything, jesus what a damn faggot whoever did it.
Now I have to re-do everything T__________________T
BWUSA.org = Hacked .
| Blogs > Xeris |
|
Xeris
Iran17695 Posts
Lost all my Yankee League 2 info, every recent forum post and everything, jesus what a damn faggot whoever did it. Now I have to re-do everything T__________________T | ||
Xeofreestyler
Belgium6774 Posts
were you using custom scripting or a certain premade template for site/forum? | ||
Carnac
Germany / USA16648 Posts
Not that it wouldnt make the person responsible less of a jerk :> | ||
|
YPang
United States4024 Posts
| ||
|
paper
13196 Posts
| ||
|
ForAdun
Germany986 Posts
| ||
|
._.
1133 Posts
Did you find out how he did it? | ||
|
Xeris
Iran17695 Posts
| ||
|
alffla
Hong Kong20321 Posts
 my sympathies ;-; | ||
|
ulszz
Jamaica1787 Posts
| ||
|
thunk
United States6233 Posts
| ||
|
ThE_OsToJiY
Canada1167 Posts
| ||
|
Xeris
Iran17695 Posts
| ||
|
iNcontroL
USA29055 Posts
| ||
|
Coulthard
Greece3359 Posts
| ||
|
HeadBangaa
United States6512 Posts
SQL injection? Admin password hacked? What happened? | ||
Harem
United States11393 Posts
| ||
thedeadhaji
39489 Posts
| ||
|
Uris
United States47 Posts
what an ass, who ever did this. | ||
|
Aurious
Canada1772 Posts
| ||
|
Xeris
Iran17695 Posts
| ||
|
MoNKeYSpanKeR
United States2869 Posts
Also sorry to hear it Xeris. I wonder who did it? | ||
|
MoNKeYSpanKeR
United States2869 Posts
| ||
|
Xeris
Iran17695 Posts
it was fixed, just all the forum data was lost... | ||
|
Centric
United States1989 Posts
| ||
|
FragKrag
United States11554 Posts
| ||
|
Xeris
Iran17695 Posts
| ||
|
Skew
United States1019 Posts
I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around. | ||
|
Xeris
Iran17695 Posts
| ||
|
Xeln4g4
Italy1209 Posts
| ||
|
yenta
Poland1142 Posts
| ||
|
yenta
Poland1142 Posts
On June 05 2008 14:23 Skew wrote: Sorry Xer. I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around. Logs? Check your db logs - if they are set up right they should have a record of the statement that caused the wipe. Also. you should be logging any input that is not standard, or since its a small site, just log all input and clean your logs once they are older than a week. | ||
|
Jank
United States308 Posts
| ||
|
QuanticHawk
United States32098 Posts
| ||
MasterOfChaos
Germany2896 Posts
Did you already find out how he killed your db? | ||
|
Flaccid
8859 Posts
Description of hack To quote this guy's post: This is a Windows vulnerability. What the hacker did was attempt to run around the code and gain access to the asp.net Windows Media Player library via our /images/ folder. They found an image they liked, They ran a some kind of script, and gained access to run a sql instertion script that the application itself did not allow. Sneaky fucker. Apparently, this a vulnerability that Microsoft put out a patch to, and our hosting provider didn’t run it against our VPS yet. So to protect your server against this hack, have your hosting provider run the latest updates for the vulnerability. So it's really not a matter of basic SQL-injection. That stuff is protected against in the code in several different ways. It's a server-side vulnerability that is exploited and something most people have no control over. The only sites at risk are those running on a Windows server. Just do a google search and you'll see the hundreds of thousands of sites that have been hit in this way. Point being we have to go a roundabout way to prevent this from happening again, and again, and again... and again..... That's the internet for you. | ||
|
Jonoman92
United States9105 Posts
| ||
|
Goosey
United States695 Posts
edit: oh and they run Windows Server? Unless you are reliant on that software stack I would recommend switching hosts for sure. Daily backup is pretty much standard. | ||
|
nofAcedAgent
United States952 Posts
On June 05 2008 12:56 Xeris wrote: who the hell cares where it is -________-; blog is the same shit as a forum post anyways, it's the exact same format, it's just in a different subsection of the site Chill yo~ I think he just meant it would get noticed by more people in the brood war section, hes not the one that hacked you, control your rage (;p) (not that I know the benefit of having more viewers) Anyway, hope the bastard gets caught man, sorry to hear it | ||
|
Xeris
Iran17695 Posts
Woo I hope whoever hacked my site shows up to a LAN. | ||
|
Flaccid
8859 Posts
Life's a bitch. I guess things are good now, that is until they find some new way to do us up the butt. | ||
|
G5
United States2919 Posts
try and get his ip and catch the fucker | ||
|
G5
United States2919 Posts
fuck that pisses me off | ||
| ||
