[FORUM CRACKED] Salvaging the rubble...

[Jay Kae]

Alright, this has been a fun morning, at 5:01am I got a SMF error msg sent to my iPhone, then the Orbx site went down. Denial Of Service is very enjoyable, at the same time an exploit was used to gain access to the forum, not the database. Just want you all to know that your information is save and secure because I use 256b encryption. Now, even though the forum is up again, there will be errors as I am going through every single bit of coding etc that is available on the forum backend. I do have to say for SMF to have the upgrade to RC3 available made life a little easier because I was able to upgrade the old faulty files :)

Please report any errors in this thread.

EDIT: I am aware that no enhancement to the forums is currently functioning

[John Venema]

As per usual, Jay saves the day. Your blood is worth bottling mate!

[martinc]

Hang in there J. Gotta love being the DBA ....

[Alcibiades]

Was this an Avsim-type attack?

[Patrick Scharnowski]

With success come envious lowlifes. Look at it this way: no one tries to crack a forum that nobody is interested in.

[dmrich28]

why would you "crack" a forum? what can you get out of it?

[Phil Manhart]

Jigsaw hit the nail on the head! Only popular places get hacked, I guess you guys should take this as a compliment!

Phil

[Russ White]

Jay....you cape wearing, hacker eating, server bench pressing, one man I.T army, admin hero. 

you da man!

Russ.

[Tim Harris]

Dont @#$% with the SYSADMIN

[Ryan Mason]

Onya Batman!

[Spirit Flyer_old]

I don't know whether to sigh for relief and clap for joy that its ORBX 1 and Hacker 0, or scream in anger against whoever did this! Thanks Jay, you are our superhero!

Stephen

[ricky76]

Great save Jay!!!! Thanks!!!!

[alan2]

I nearly broke down in tears when I tried to get into the forum -" what have I done to my computer now !!"  ...somebody said it ...lowlifes and

and/or immatures .

[John Bosch]

Go get 'em Jay!

[Phil Manhart]

Go get 'em Jay!

LOL! 

[alainneedle1]

No problem since all my info on this forums are fake.......

[Martin Henare]

Nice work mate!

[Sniper31]

Great work Jay....fargin bastages....[grumble, grumble]...

[Appliance]

Many thanks mate. 

[Edward Boyte]

Woot.

Well done Jay! 

[TheAviator]

Jay, you are simply the awesomest guy I know!

See if you can trace it, maybe its the Swedish kid again lol

[yallu]

TBH, I have been a little skeptical about using RCs for production, mayby even first release. But then again, someone has to do it to allow RCs become releases. Something is going on with SMFs being targets of cracking attempts increasingly often. I'm guessing the RC lures them out.

I'm running 1.1.11, and by luck, recently happened to be online when I suddenly saw my guest count rise to many many times normal. I traced the IPs and saw they were coming from eastern europe, china, africa etc. so I knew it was an attempt with fake IPs or captured hosts. I put the forum into maintenance mode to minimize all services and waited few hours until I re-enabled everything. Seemed to work. That was all I could think of, I'm a software architect/developer, not a security specialist. I wonder what is the correct procedure when you're being attacked?

[Jay Kae]

Thanks guys, I have been coding and whatnot for over 12 hours straight, did not get any normal work done really Not really making headway other than that the forums are up and running sort of ...

@yallu, the sole reason I went to RC2 was because 1.1.11 was leaving too much open for people to exploit and I had to hook the forum so that any out of the ordinary was immediately sent to my iphone, very annoying and when a Flash exploit was used, that did it for me.

[Iain Emms]

Well done JK, i wondered what had happend last night when i could not get back on to the forum THANK you for all the hard work in sorting this out for us mate. And yet again i cant understand these people who do this hacking. Good luck with sorting this out and i only hope you can find out who done this but i guess there will be no come back to them they should be brought before some international court to answer for there actions but the cost will be no doubt very big,

cheers

Iain

[tim_A]

Mustard Mitt, when the forum went down (I was halfway through writing a reply...!), I just assumed you were putting on RC3. Didn't realise all this nastiness was going on too. Well done for catching it.

[Dylan Lampard]

why would you crack into a forum?

Some people just have too much time on there hand 

Great work JK, you once again save this forum

[Guest bliksimpie]

Go get them Jae!!

Thanks for being their as the safegaurd

[Jay Kae]

No, RC3 saved the day when it comes to the front end really

[woodduck]

Jay, 

I was just remembering the other day when the VOZ Forum was first hacked, this brings back memories.

Glad to see you have it up and running again.

Cheers

John

]

AU GOLD_6065  AU BLUE_ 6065  AU YMML_ 10811  AU GREEN_ 12237  AU YSCH_ 13174  AU RED_13383  AU YPJT_13721  AU YWVA_17449

AU YMAV_21209  AU YPEC_24047  FTX AUSTRALIA SP3_28758  AU YHBA_30885

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Windows 7 64bit

Asus P6T Deluxe OC Palm /Intel i7 940 2.93 GHz /NOCTUA NH-U12P SE1366 Heat sink with Dual Fans

Corsair 6 GB TR3X1600C8D XMP Dominator Triple Channel DDR3/Dominator Triple Channel AIRFLOW Fan

Asus GPU GTX280 1 GB / 2x Sony DL Sata Optical Drives

HDD WD 2x320 Raid0 [OS]_WD 2x640 Raid0 [FSX]_WD 2x320 Raid0[Music Pictures Video]

Acer Monitors 3x24†2ms + TH2G / Saitek Cyborg Keyboard

Thermaltake 1200W Toughpower/Thermaltake Armor + Full Tower Case

[Jay Kae]

Yeah I remember that and people wonder why I am paranoid and anal about the forums lol

[Paul Baumanis]

Thanks a million for all your hard work, Jay.

As I said once before. I just don't know how you find the time to do all that you do, but we are all very glad that you do.

[ja-durant]

Well done Jay;

jacques

[Jay Kae]

Ok I am now about 18 hours into it or something and I am seeing the light at the end of the tunnel, added a new feature to the forums as well while I was at it, logo click is back, couple of other bits and pieces as well that have been fixed.

[Jay Kae]

another feature added, the staff list this time

[Plexi1]

good to see that the forum is back, thanks JayKae for your hard work, all I got until a few minutes ago was a database error, but now it works

[Patrick Scharnowski]

Yes! Thanks for the hard work! You truly are the caped crusader!

[alehead]

Loads of reasons to want to hack a forum, particularly if popular... just think of the data...

Or extortion...

Just to name but two...

A constant fight to stay one step ahead of them...

Good call JK, it is a hard job and you do it well!

Andrew

[realatp]

I thought software not actual people cracked forums. Why would someone want to crack a Flight Sim forum? Like ORBX is extremely popular (i would think). Why would be the benefit from cracking into a forum? Makes no sense to me at all.

[Phil Manhart]

I thought software not actual people cracked forums. Why would someone want to crack a Flight Sim forum? Like ORBX is extremely popular (i would think). Why would be the benefit from cracking into a forum? Makes no sense to me at all.

Because some people (especially kids), get a high from cracking sites. If you ask me they need a good and honest job, like digging ditches!

[Sniper31]

I thought software not actual people cracked forums. Why would someone want to crack a Flight Sim forum? Like ORBX is extremely popular (i would think). Why would be the benefit from cracking into a forum? Makes no sense to me at all.

Because some people (especially kids), get a high from cracking sites. If you ask me they need a good and honest job, like digging ditches!

LOL...yes!