Jump to content
The Dark Mod Forums

Forums Restored


modetwo

Recommended Posts

I'm sorry this took so long, but I've just restored the forums from a backup I took on saturday.

 

The forums were 'hacked' by a script-kiddie yesterday. I saw in the admin logs that he logged in with one of the admin accounts (probably after 'guessing' the password with some brute force script). He then edited all of the admin accounts and removed their access to the admin control panel (acp). Then he edited the forum description and wrote a text saying we would get acp access back for the total amount of $100. Right.

 

Anyway, since I had to restore a backup of the database, some posts/threads/PM's and new users were wiped, but I couldn't do anything with that.

 

I don't think this guy did anything other than removing the admin powers and editing the forum description when he was in the acp (all operations in the acp is logged), and he had no access to download the database. But just in case I urge you to change your password on this forum, and other sites where you've got the same account name and password. It's better to be safe than sorry.

 

All admins are instructed to change their passwords to a hard-to-guess one. The password should;

  • not contain any words found in a dictionary
  • contain atleast 8 characters or more
  • consist of characters, numbers and signs in a good mix
  • consist of both lower- and uppercase characters/signs

Also, always LOG OUT after you're done in the admin cp, and don't click on links in threads when logged into the admin cp. If an intruder fetches your cookie, he can access the admin cp.

 

All admins have lost their acp access. They will get it back once they have changed their password. Please PM Fingernail when you have changed your password. Also, the acp is .htaccess protected with a username/password, and I've given the login info to Fingernail.

~m2

Link to comment
Share on other sites

I wnder what the "fun" is when such a site is "hacked". Considering that it was a script kiddie I can not even call this a hack, because they usually don't know anything beyond downloading some scripts.

It's not as if our forum is so important or provides some secret information or some money to be gained with. No more then drunken bragging in the circle of some sorry loosers who think they are "3771 hx0rs".

Gerhard

Link to comment
Share on other sites

Pak, spar and New Horizon have been restored as admins, as they have all changed their passwords.

 

However, they'll have to use a password and username to access the Admin CP from now on. I'll send them that information via PM on TTLG, NOT this board. Also do not discuss that password on THIS forum, even through the PM system, and even with other admins.

Link to comment
Share on other sites

However, they'll have to use a password and username to access the Admin CP from now on.

Good idea. This way it doesn't matter if somebody gets the forum password. You can still do some nasty things, but not as much as before. :)

Gerhard

Link to comment
Share on other sites

Yes, I got his IP.

Maybe you should compare it to the IP from the guy that we had to ban. Could be that I'm just paranoid, but it doesn't hurt and only takes a minute. Last time he frequented our board again he still got the same IP as he had the first time when he started to spam our board (before he got permanently banned).

Gerhard

Link to comment
Share on other sites

  • Recent Status Updates

    • Ansome

      Finally got my PC back from the shop after my SSD got corrupted a week ago and damaged my motherboard. Scary stuff, but thank goodness it happened right after two months of FM development instead of wiping all my work before I could release it. New SSD, repaired Motherboard and BIOS, and we're ready to start working on my second FM with some added version control in the cloud just to be safe!
      · 0 replies
    • Petike the Taffer  »  DeTeEff

      I've updated the articles for your FMs and your author category at the wiki. Your newer nickname (DeTeEff) now comes first, and the one in parentheses is your older nickname (Fieldmedic). Just to avoid confusing people who played your FMs years ago and remember your older nickname. I've added a wiki article for your latest FM, Who Watches the Watcher?, as part of my current updating efforts. Unless I overlooked something, you have five different FMs so far.
      · 0 replies
    • Petike the Taffer

      I've finally managed to log in to The Dark Mod Wiki. I'm back in the saddle and before the holidays start in full, I'll be adding a few new FM articles and doing other updates. Written in Stone is already done.
      · 4 replies
    • nbohr1more

      TDM 15th Anniversary Contest is now active! Please declare your participation: https://forums.thedarkmod.com/index.php?/topic/22413-the-dark-mod-15th-anniversary-contest-entry-thread/
       
      · 0 replies
    • JackFarmer

      @TheUnbeholden
      You cannot receive PMs. Could you please be so kind and check your mailbox if it is full (or maybe you switched off the function)?
      · 1 reply
×
×
  • Create New...