The Board Has Been Hacked!!

News related to the site
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

The Board Has Been Hacked!!

Post by Iain »

The board was hacked this afternoon and all messages and topics and forums were deleted.

I had a backup of the board from March 2004 but this is corrupt, therefore all message have been lost for good :(

The board had over 3500 messages with lots of Zzap info in them but these are now lsot because of some idiot deciding to hack into the board.

Completely pointless vandalism.

As far as I know, the hack was preformed using an exploit in the version of the phpBB software I was using. There had been an update to the software a couple of weeks ago to fix this, but I didn't realise this until after the hack.

The rest of the site appears to be unaffected bu let me know if you notice anything different or weird.

I will of course be preforming full backups of the site's database every week from now on so this can't happen again (ie all messages lost). Unfortunately this doesn't help the situation now.

All those messages lost because of some fucking idiot cracker!
User avatar
LeeT
Director
Posts: 460
Joined: Wed Jun 18, 2003 8:19 am
Location: United Kingdom, Hartlepool

Post by LeeT »

I hope the people that did this can be traced down and their ISP's informed! :twisted:
Contributor to Def Tribute to ZZAP!
Compilation64 - http://compilation64.zzap64.co.uk/
Crazy about the C64? - www.lemon64.com
Amiga Anguish? - www.lemonamiga.com
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

Well I have their IP and at least one ISP (BT Broadband) but will it do any good really?

I guess they might get kicked off their ISP at least, so I guess I should report it.

It's so frustrating, the messages are cached in google but there's no way to get them back on the board without spending weeks doing it by manually entering it all in the database.
User avatar
LeeT
Director
Posts: 460
Joined: Wed Jun 18, 2003 8:19 am
Location: United Kingdom, Hartlepool

Post by LeeT »

iain wrote:Well I have their IP and at least one ISP (BT Broadband) but will it do any good really?

I guess they might get kicked off their ISP at least, so I guess I should report it.

It's so frustrating, the messages are cached in google but there's no way to get them back on the board without spending weeks doing it by manually entering it all in the database.
I would definetly report them, as they are likely to do it again (somewhere else if not here!).

I don't know anything about web design/ forum programs, but how did this happen, as presumably there are supposed to be passwords etc for yourself to alter the forum if necessary - Any idea of how they got in?
Contributor to Def Tribute to ZZAP!
Compilation64 - http://compilation64.zzap64.co.uk/
Crazy about the C64? - www.lemon64.com
Amiga Anguish? - www.lemonamiga.com
User avatar
PaulEMoz
Staffer
Posts: 146
Joined: Sun Jun 22, 2003 1:23 am
Location: Near Newcastle, England
Contact:

Post by PaulEMoz »

Holy shit.

There truly are some arseholes in this world. :evil:
They Were Our Gods - a website charting my progress on an upcoming book of the same name, about the UK gaming scene in the 1980s.
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

Seems like they used some sort of variable overload when calling a page, and that entered an admin user in the database and it's easy to do anything from there. :(
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

Well the first cracker appeared to come from a Polish ISP http://www.swiat.pl/ so I have sent them an email about it. Obviously the cracker wasn't a very good one or he would have covered his tracks a bit better.

He found the board by searching for "leet forum phpbb" on Google. Lemon is another site that appear on the results page so thankfully he has now updated his software.
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

The second hacker (arrived about 30 mins later) was from 81.153.111.201 and was using BT Broadband as an ISP so obviously I have emailed an abuse repor to them as well.

I'm also working with a couple of other webmasters to get these guys so the net is closing!
User avatar
Lloyd Mangram
King of Ludlow
Posts: 1151
Joined: Thu Jun 19, 2003 10:22 pm
Location: Ludlow
Contact:

Post by Lloyd Mangram »

WOT!!! :shock:
Everything gonzo??
I'm well err, I just don't have words for it actually. :evil:

3500 posts vanished. I just can't believe it.

Oh well, life goes on. :?

My feelings are with the webmaster and all genuine Rrappers.
Ta!
Rob


edit: aww, cool. I didn't lose my status and number of original posts! :twisted: Good! Ow, just kiddin'. :wink:
Once again I emerge from beneath a massive pile of paper which makes my desk groan to bring you the world’s most amazing posts.
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

Mr.Zzapback wrote:
3500 posts vanished. I just can't believe it.

Oh well, life goes on. :?
Yeap, it's a shit one, since there was a lot of cool posts with interesting info about Zzap and its staff etc.

But I guess, we can't let the bastards get us down so let's not give up and let the community die. Start writing more messages to fill the board up again! and I promise I'll back up in future! ;-)

Mr.Zzapback wrote: edit: aww, cool. I didn't lose my status and number of original posts! :twisted: Good! Ow, just kiddin'. :wink:
Well it is something that the user accounts and info survived (you have to delete them one by one, whereas the forums you can delete with one click)
User avatar
Lloyd Mangram
King of Ludlow
Posts: 1151
Joined: Thu Jun 19, 2003 10:22 pm
Location: Ludlow
Contact:

Post by Lloyd Mangram »

iain wrote:
Well it is something that the user accounts and info survived (you have to delete them one by one, whereas the forums you can delete with one click)
Oi! Wouldn't it be smart if phpBB 'protected' that possibility?
Which moderator would want to delete the whole board with one click?
This is actually making it more interesting for Hackers to hack a board and to clean-up years of effort with one click. Or am I stupid?
(DON'T answer that one :wink: )

Oh dear, what a day.
The face of 'live concerts' would be changed forever as well, I'm afraid. :evil:
Ta!
Rob
Once again I emerge from beneath a massive pile of paper which makes my desk groan to bring you the world’s most amazing posts.
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

You will all be pleased to know that I have just backed up the complete database. It was oh so easy, just one line! :(

Why didn't I research how to do it and DO it before? c'est la vie I guess :(
User avatar
Lloyd Mangram
King of Ludlow
Posts: 1151
Joined: Thu Jun 19, 2003 10:22 pm
Location: Ludlow
Contact:

Post by Lloyd Mangram »

http://www.yakyak.org/viewtopic.php?t=28878&highlight=

http://www.lemon64.com/forum/viewtopic.php?t=15403

http://www.lemon64.com/forum/viewtopic.php?t=15414

http://www.lemon64.com/forum/viewtopic.php?t=15409

Iain, I'd seriously go for the option to 'buy' the backup from your host.
Even if it does fail, the money wouldn't be thrown away.
We could gather the money eaily through paypal for example.
I wouldn't mind browsing the database in case an update fails and restore stuff by hand, just let me know.

Let me hear your opinions please. (the regulars)
Ta!
Rob
Once again I emerge from beneath a massive pile of paper which makes my desk groan to bring you the world’s most amazing posts.
User avatar
Matt
Freelancer
Posts: 50
Joined: Wed Jul 09, 2003 4:27 pm
Location: Belgium, Ghent

Post by Matt »

this is so so sad,
it makes me really angry!! :x
cheer up iain and all the rest!
User avatar
Iain
Admin
Posts: 2222
Joined: Tue Jun 17, 2003 6:42 pm
Location: Cavan, Ireland
Contact:

Post by Iain »

Some good news

I have contacted my host about the possibility of getting a copy of the database backup up a few days ago.

Here's what I got back -
If we cannot retrieve what you require then basically you will not be
charged for this but until the order has been placed and the system
administrators have tried we do not know either way. If you place the
order
and the data cannot be restored there will be no charge. If a partial
restore can be achieved then we would contact your first and ask if you
wanted to proceed.
So it's worth a shot! It's been great to see that people have said they are prepared to donate to pay for this, it gives me a warm feeling inside (seriously!), so when I get home I'll set up a donation via Paypal type thing and if we get the required amount, we can go ahead with the attempted backup and if we don't get enough, I can just refund the money back to the donators!

I have fuck all money these days, with no job and being a student again but I'll put up £20 anyway. So we just need to collect another £100.
Post Reply