RE: IT LIVVEEESSSSSSS

	Blazer Forum Classifieds Photo Gallery Search Contact BF Sponsors
Blazer News Member List Forum FAQ Timeslips Recalls TSBs Calendars Register Login

RE: IT LIVVEEESSSSSSS

Printable Version

Blazer >> General >> The Lounge >> RE: IT LIVVEEESSSSSSS

Page: << < prev 1 [2]

Message

<< Older Topic Newer Topic >>

RE: IT LIVVEEESSSSSSS - 5/22/2008 5:37:10 PM

JediKnight2

Posts: 176
Joined: 12/1/2007
Status: offline

The real bottom line though....something wasn't tied up like it should have been. Hacks, especially on forums are a common occurrence if a few precautions aren't taken. VBulletin and PHPBB are the two LARGEST targets out there coupled with what we had...SQL injection, which luckily for us we had a moron at the helm of the hack that forgot a few things...had it worked a handful of you guys would have been up the creek....also it doesn't help that running a Microsoft Server has it's added downsides...ALL you can hope for is a good backup copy for when something really bad happens...also lucky here that the fix was fairly simple to get in place...

I was all messed up without it though...I emailed the parent company quite a few times offering to do the fix myself for FREE...

< Message edited by JediKnight2 -- 5/22/2008 5:48:12 PM >

(in reply to swartlkk)

Post #: 21

RE: IT LIVVEEESSSSSSS - 5/22/2008 6:05:03 PM

swartlkk

Posts: 14306
Joined: 5/1/2005
From: Waterloo, NY
Status: offline

Yeah, seems we were the last ones to get fixed up.

_____________________________

Kyle-

2004 Rainier
1970 Chevelle - Resto
1974 K5 Blazer - Resto

(in reply to JediKnight2)

Post #: 22

RE: IT LIVVEEESSSSSSS - 5/22/2008 6:44:47 PM

cliro

Posts: 1209
Joined: 10/11/2007
From: Calgary, AB
Status: offline

that was messed, i've never been so bored at work, lol..

and yeah at first i just thought it was my computer too which was pissing me off since its basically brand new.

_____________________________

2004 GMC Jimmy
4x4, 2dr.
metallic cherry red.

.net instead of .com (better)

(in reply to swartlkk)

Post #: 23

RE: IT LIVVEEESSSSSSS - 5/22/2008 7:00:51 PM

Hanr3

Wheels & Tire Moderator
Posts: 3476
Joined: 5/11/2005
Status: offline

Glad the site is back up and running. I too was getting bored.

Good job guys.

_____________________________

"Some people spend an entire lifetime wondering if they made a difference.
The Marines don't have that problem."
-President Ronald Reagan

'87 S10-Blazer - SOLD
'93 S10-Blazer 4x4x4 - Sons DD, engine swap is done.
'00 S10-Blazer 4x4x4 - My

(in reply to cliro)

Post #: 24

RE: IT LIVVEEESSSSSSS - 5/22/2008 9:17:53 PM

otnietdehoooo

The Chop Shop Moderator
Posts: 1611
Joined: 5/25/2007
From: Ft. Worth, TX
Status: offline

quote:

ORIGINAL: JediKnight2

...had it worked a handful of you guys would have been up the creek....

What can happen with an attack like that? When it first happened, I googled that banner82 .com/b.js thing and found this
http://www.experts-exchange.com/Security/Vulnerabilities/Q_23411125.html

I then wikipedia'd SQL Injection Attack and it came up with a page but I don't know enough to understand what all could have happened.

What is the point of an attack like that? to steal personal info?

_____________________________

Matt - 98 4DR 4WD

click me!

(in reply to JediKnight2)

Post #: 25

RE: IT LIVVEEESSSSSSS - 5/22/2008 10:05:03 PM

Taymacjack

Posts: 518
Joined: 7/18/2007
From: Auschwitz, Oregon
Status: offline

RISE UP AND BF SHALL STRIKE YOU DOWN

_____________________________

1995 GMC Jimmy 4x4X2 (I need a outside spare tire carrier...wanna trade for the inside version?)

(in reply to Scooterewski)

Post #: 26

RE: IT LIVVEEESSSSSSS - 5/22/2008 10:28:43 PM

Paddle_grl

Posts: 2942
Joined: 9/10/2005
Status: offline

quote:

ORIGINAL: otnietdehoooo

What can happen with an attack like that? When it first happened, I googled that banner82 .com/b.js thing and found this
http://www.experts-exchange.com/Security/Vulnerabilities/Q_23411125.html

I then wikipedia'd SQL Injection Attack and it came up with a page but I don't know enough to understand what all could have happened.

What is the point of an attack like that? to steal personal info?

I second that? I read what Kyle linked to...and I don't get it....isn't that why you have firewall's and virus thingies?

_____________________________

dirty girls rule!!!!!

(in reply to otnietdehoooo)

Post #: 27

RE: IT LIVVEEESSSSSSS - 5/22/2008 10:44:57 PM

BobTheBlazer

Posts: 892
Joined: 2/15/2007
From: Crossville, TN
Status: offline

Woohoo! Now I can be bored here instead of elsewhere, YEAH!!

_____________________________

"Bob The Blazer" - Being parted out...WAAAHH!
"Shebby" - ''90 Dodge Daytona Shelby, the love of my life!
"Superman" - Blue and red ''90 Toyota pickup
''88 Mazda RX-7 - gonna kick ass soon!

(in reply to Scooterewski)

Post #: 28

RE: IT LIVVEEESSSSSSS - 5/23/2008 3:09:41 PM

95Blzr

Posts: 203
Joined: 4/23/2008
Status: online

IT LIVEEESSSS ....AGAIN!!!

_____________________________

1998 2Dr Blazer LS
4x4 Auto

(in reply to Scooterewski)

Post #: 29

RE: IT LIVVEEESSSSSSS - 5/23/2008 10:57:08 PM

94blueknight

Posts: 1515
Joined: 12/31/2007
From: Wisconsin
Status: offline

quote:

ORIGINAL: swartlkk

quote:

ORIGINAL: Blazin_Jason

I read on the intranetz that BF's very own Brettster HACKZOR'D all the sites. That's just how he rolls.

LOL!! I just wish the people who started that rumor would grow up! That is nothing but a childish rumor started over at CF.com by some of the people who also visit this forum.

brett deserves more credit than that if he ever was to hack something a much better job would have been done instead of this idiot who failed at it

_____________________________

CHECK IT OUT its ME!

(in reply to swartlkk)

Post #: 30

RE: IT LIVVEEESSSSSSS - 5/24/2008 7:58:10 AM

JediKnight2

Posts: 176
Joined: 12/1/2007
Status: offline

What SQL injection does is allow a hacker to inject code directly into a database. What this injection did is ammend all of the posts, threads and forums with a link. That link actually was supposed to be in a hidden frame that would immediately redirect the visitor to another site, which usually bounces around a few times to a malicious script that is run. Whether that script is successful usually depends on a few things, the main one being any security holes in IE that allows them to either steal personal information or secretly install things such as smtp servers, which would allow them to mail from your system. Most of the time they turn the system into a resource to become part of the attacks.

Luckily...THIS GUY WAS AN IDIOT. For one the script DIDN'T redirect because it wasn't inserted correctly....second....even the direct link didn't forward to the next location for the script download....Kids...they were not trained by Yoda evidently....cause all they tried to be was l33t3....

EPIC FAIL

< Message edited by JediKnight2 -- 5/24/2008 8:08:13 AM >

(in reply to 94blueknight)

Post #: 31

RE: IT LIVVEEESSSSSSS - 5/24/2008 8:03:19 AM

JediKnight2

Posts: 176
Joined: 12/1/2007
Status: offline

NVM

< Message edited by JediKnight2 -- 5/24/2008 8:11:44 AM >

(in reply to JediKnight2)

Post #: 32