Springfield XD Forum banner

1 - 20 of 41 Posts

·
Banned
Joined
·
1,546 Posts
HAHAHA 8)
 

·
Registered
Joined
·
1,340 Posts
In all likelihood it was a worm that affects php sites. I doubt if any efforts were even applied to discover its origin.
 

·
Registered
Joined
·
1,167 Posts
Actually had you browsed back and read, you would find out the previous version of phpBB had a bug in it and this script kiddie read about it, exploited it, and probably voted for John Kerry.

He/she/it may have gotten away from it on this site, but he has a standing dare to enter my property.
 

·
Registered
Joined
·
2,420 Posts
I don't think he'll ever be found.

Unless you bring a shovel.
 
G

·
Discussion Starter · #9 ·
Yeah, I was just wondering. I have checked Kermee's FAQs, INFO, etc. a few times, but never heard any new info on whether or not the idiot is being sought out.

Where do you live, Mullanman? Some might want to help you take care of him or her.
 

·
Registered
Joined
·
347 Posts
Depending on how extensively the activity here is logged, the IP address of the hacker may have been logged, but the next step would be figuring out if the location used is actually their ISP (a common thing when kids hack) or if they compromised another device to then "relay" an attack. My guess would be the fool did it from home or the library, or if smarter than the average, might have sought out an open WIFI access somewhere. This is why its hard to nail down cyber criminals, too many ways to hide.

Matthew
 
G

·
Discussion Starter · #12 ·
No, I think it is the kind of worm that swims up your weinie when you swim in African waters.

Difficult to urinate, you know.
 

·
Registered
Joined
·
3,263 Posts
all the references in this thread reminded me of this site. I don't know which is more disturbing, the singing or the fact that someone actually took the time to put the the major dialogue scenes of the movie to "music"

http://www.silencethemusical.com/

sorry for the hijack
 

·
Registered
Joined
·
2,137 Posts
It was definitely no random worm. It was a hacker because I saw when he was here and logged in when it was happening and I even PMed him. I can't remember what username he was going by but it was definitely the guy that hacked the board...brand new registered member who's username at the bottom of the forums page was colored orange, which signifies that he's an admin.

brad cook
 

·
Registered
Joined
·
527 Posts
DigMe said:
It was definitely no random worm. It was a hacker because I saw when he was here and logged in when it was happening and I even PMed him. I can't remember what username he was going by but it was definitely the guy that hacked the board...brand new registered member who's username at the bottom of the forums page was colored orange, which signifies that he's an admin.

brad cook

http://www.hs2000talk.com/viewtopic.php?t=15554&highlight=pwn3d
 
G

·
Discussion Starter · #16 ·
Aha. After looking at the Urban Dictionary, I believe the person should be called a cracker and not a hacker. My bad--- 1 15 /V07 4 1337 h0x0r --- Obviously. :roll:
 

·
Registered
Joined
·
1,966 Posts
It puts the Joe Dirt in the hole!
 

·
Registered
Joined
·
782 Posts
Zeelock was an individual who discovered how to exploit this vulnerability and published a proof-of-concept exploit which was subsequently used by many script kiddies. Most likely, any attempts to trace the source of the attack would be futile.
 

·
Premium Member
Joined
·
594 Posts
dolanp said:
Zeelock was an individual who discovered how to exploit this vulnerability and published a proof-of-concept exploit which was subsequently used by many script kiddies. Most likely, any attempts to trace the source of the attack would be futile.
Would be now, anyway.

If the owner of the foumr was a little more hands on and had released the access logs and any phpBB logs to someone in cyber security, an IP check could have been run against the login records or the backend database (phpBB DOES record your registration IP, and there would be an origination IP in the server access logs anyway) and then run a query of the IP against ARIN block such as by using NQT that I wrote (http://www.waynefrazee.com/tools.php/nq).

From that, you can form an abuse inquiry to the ISP. Realistically, that might turn out a red herring but chances are that will give you at least the outbound leg in the attack vector.

At any rate, running a forum using publicly availible forum software, especially something that has been as high profile as phpBB without actively maintaining and updating your community is irresponsible. I enjoy this forum for the community but if I really had the time you have no idea how much throught I have put into running my own XD enthusiast site.
 
1 - 20 of 41 Posts
Top