1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hacked... grrr

Discussion in 'Off Topic' started by Slavik, Sep 10, 2011.

  1. Slavik

    Slavik XenForo Moderator Staff Member

    Well, not down to server security or scripting, good ol fassioned "find the guys password and log in".

    One of the other admins for p8ntballer had his password stolen, fortunately the hacker didn't realise I was browsing the site (logged out) so when he defaced the homepage, I saw it right away and shut apache off before he could do anymore.

    Sneaky little **** though.

    Fortunately the damage was contained from being too bad, I have nightly backups so at worst I will just restore from 24 hours ago, there is however, some items which will never be able to be recovered.

    Oh well, even the best of us!
  2. kprojects

    kprojects Well-Known Member

    Good catch - and timing!
  3. EQnoble

    EQnoble Well-Known Member

    didja try and fish out his IP?
  4. Martyn

    Martyn Active Member

    please report it to the police and hotmail :p
  5. Slavik

    Slavik XenForo Moderator Staff Member

    We have all the logs and IP's and already have a very good idea who it is.
  6. EQnoble

    EQnoble Well-Known Member

    Good...very good. Do you plan on making a move against them....I ask for reasons I don't want to post publicly but if you are going to move against them and you are interested in how I got rid of the most pesky of arsenuggets from my server pm me.

    (almost 100,000 attacks in one week over 7 vectors of attack actually was the most pesky but they were from china and china isn't interested in respecting american web properties so I just blocked every cidr range in china....funny thing is besides that one....50% of attacks are hitting me originating from California, Washington state and one other which I am not sure if that is just a proxy or not yet so it is not worth mentioning beyond what I have)

    One question...was the person at one time or presently in your circle...or was it a random but known douche?
  7. Slavik

    Slavik XenForo Moderator Staff Member

    We know EXACTLY who it is, he thinks he covered his tracks by deleting his IP from the vbulletin admin pannel, but it didn't take long to track it down in apache logs. He is a "know it all" kid we banned a few weeks back for showing no respect to other, older, more experienced members who were only trying to help him out.

    Nasty accidents often occur on a days paintballing...
    Particularly so when this is the admin whos account he accessed...

    RobinHood likes this.
  8. EQnoble

    EQnoble Well-Known Member

    Nice...I hope he receives his pwning...obviously he knows everything so he isn't interested in learning anything...it sucks but sometimes people who make bad decisions at the cost of others need to feel pain since morals are not something they hold in regards.

    So lemme see if I understand you correctly...

    You have an admin and on days that it is known that he is away ( I am assuming since it is a paintball forum that he probably announces his gamedays and there is not many other times when someone would know for sure that he wont be there.) someone is using his account to be a POS in a cowardly way.

    If that is the case that is very similar to what my situation was except they were watching my activity on all site's that I frequent and not my forum itself.

    sidenote: who is the beastly lookin dude in that pic?
  9. jmurrayhead

    jmurrayhead Well-Known Member

    The hacker's mom?
    EQnoble likes this.
  10. EQnoble

    EQnoble Well-Known Member

    L. M. A. O. Mom has more hair under her arms than on her head :)
  11. jmurrayhead

    jmurrayhead Well-Known Member

    she likes it that way ;)
    EQnoble likes this.
  12. EQnoble

    EQnoble Well-Known Member

    I so have to not say what my response to that was ;-)

    Wiping the ole working memory..... and.... poof...I think I just saved myself a warning:)
    jmurrayhead likes this.
  13. Slavik

    Slavik XenForo Moderator Staff Member

    Thats the guy whos account was used to do the damage.

    Been on to phone for the last hour with him.

    He is not amused.
  14. Lucas

    Lucas Well-Known Member

    I'm pretty sure he could solve the matter himself. lol
  15. Shamil

    Shamil Well-Known Member

    Slavik, will the pursue the matter further with the police?
  16. Slavik

    Slavik XenForo Moderator Staff Member

    The police have taken all the evidence, and should we decide to push criminal charges they are looking at up to 10 years in jail.

    As of today, I have filed the relevent N1 and N244 forms along with 120 pages of evidence to take them through civil courts and recover our damages.
    Fuhrmann, RobinHood and AzzidReign like this.
  17. MarcosPreviato

    MarcosPreviato Active Member

    Fuhrmann likes this.
  18. ManagerJosh

    ManagerJosh Well-Known Member

    I have to ask Slavik, how did he gain access to your admincp or server to inject the plugin?
  19. Slavik

    Slavik XenForo Moderator Staff Member

    A vbulletin SQL injection exploit :rolleyes:
    Fuhrmann likes this.
  20. AzzidReign

    AzzidReign Well-Known Member

    It's nice to hear someone going after punks like these. Unfortunately, I've tried to do the same...with mounds of proof and other information to put multiple people away for 10's of years, but the FBI just either moves slow or doesn't do **** about it. I hope yours turns out differently.

Share This Page