• When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs and affiliations include, but are not limited to, the eBay Partner Network.

Archived

This topic is now archived and is closed to further replies.

valiantfans.com Hacked?

Started by DawgPhan,

27 posts in this topic

DawgPhan

DawgPhan

Posted
Posted

I know that most of you dont really care about valiants, but your main man on the calculator, ValiantMan, has had his website hacked. It looks like the only valiantfans.com was hacked and not valiantcomics.com though I was having some problems with it last night. Anyway I was really posting to see if valiantman had any ideas about what happened or any other information that he could share with us.

 

I figure that it was not an attack directed at valiantfans.com, but just a program that searched the internet for a certain exploit. The only reason I say that is because of the page that was placed up instead of the home page..Very bland...just saying that the page had been defaced. If someone had been targeting valiantfans.com they would have surely included some sinister message instead of a lame defaced page. I am also guess that the worm has something to do with the message board system that was running on that server. I believe that it is freeware and someone probably has found a hole in it. Anyway this is all speculation on my part.

 

*there is no emoticon to express how I am feeling*

Link to comment
Share on other sites
myron-migration

myron-migration

Posted
Posted

Hey Dawg...there is a worm targeting PHP 4.9.(3?)and PHPBB software going around right now...Greg's site isn't the only one affected...I have visited about 4 other discussions where it has happened as well. I would think that if his provider would upgrade to the latest version of PHP there won't be a problem...I just e-mailed him and he has a back up ready to go...

 

Myron

Link to comment
Share on other sites
DawgPhan

DawgPhan

Posted
  • Author
Posted

Yeah I figured as such. I tried looking on the internet and couldnt find anything about a new worm or anything, but figured that was the case. Also since valiantcomics.com was not hit and it runs on IIS(i believe since it is built with ASP). Of course this is just like code red and that other worm that went around a few years ago for the IIS servers. thanks for the info..I will pass it along..

Link to comment
Share on other sites
DawgPhan

DawgPhan

Posted
  • Author
Posted

Oh and if you get a chance pass this info or a link to this thread to a few of the other guys. I would bet that many of them are thinking that it has to do with the tv riot/kenshi stuff that has been going on. No need to spread misinformation.

Link to comment
Share on other sites
awe4one

awe4one

Posted
Posted

My bulletin board was hacked a couple of weeks ago by some slimeballs based out of the Middle East. My hosting service has done a super job restoring what was lost. The board was the only link affected. Seems they have found a vulnerability. They registered a new name which somehow gave them the opening to Super Admin access to the board...

 

Apparently, some dickheads out there are focusing on comic site bulletin boards. Newsarama was also hit around the same time as I...

 

Jim

Link to comment
Share on other sites
Ares

Ares

Posted
Posted
The other boards that I know of are gaming boards...angband, Tome and such...but I'm pretty sure it's a PHP exploitation.

 

Thanks for the welcome.

 

Dawg...I don't have anyone elses e-mails (gonna change that now)...the only one I've spoke with is Greg.

 

Dreamwave Comics board were hit as well

Link to comment
Share on other sites
DawgPhan

DawgPhan

Posted
  • Author
Posted

phpBB Attachment Mod Directory Traversal HTTP POST Injection Vulnerability

 

what a lovely name for this problem. 27_laughing.gif

 

well I thought that it was funny. I also like how they tel you exactly how to do it on that site and of course it doesnt seem very hard. I would imagine that it would be rather simple to automate the process so that you could screw up a bunch of websites. foreheadslap.gif

Link to comment
Share on other sites
sterlingcomics

sterlingcomics

Posted
Posted
Doesn't 'php' stand for 'pretty horrid privacy'? stooges.gif

 

I think there was a study conducted, and that most vulnerability attacks were launched against computers that were not properly patched. In other words, the fix was already available. Patch management is a growing problem in the IT sector where hackers apparently have a lot of time on their hands.

 

php is cool man! It all boils down to issues in product design as it relates to security. I'm considering using phpBB as part of my web site.

 

Microsoft couldn't spell security in the free-loving days of Windows 95. That's changing now, but their architecture is fundamentally flawed. Sorry, I "bash" MS every chance I get. grin.gif

 

I guess we need a PGP (pretty good privacy) version of PHP foreheadslap.gif Gotta love those computer acronymns!

 

LONG LIVE THE PENGUIN!

Link to comment
Share on other sites
Ares

Ares

Posted
Posted
Doesn't 'php' stand for 'pretty horrid privacy'? stooges.gif

 

I think there was a study conducted, and that most vulnerability attacks were launched against computers that were not properly patched. In other words, the fix was already available. Patch management is a growing problem in the IT sector where hackers apparently have a lot of time on their hands.

 

php is cool man! It all boils down to issues in product design as it relates to security. I'm considering using phpBB as part of my web site.

 

Microsoft couldn't spell security in the free-loving days of Windows 95. That's changing now, but their architecture is fundamentally flawed. Sorry, I "bash" MS every chance I get. grin.gif

 

I guess we need a PGP (pretty good privacy) version of PHP foreheadslap.gif Gotta love those computer acronymns!

 

What about PCP

Link to comment
Share on other sites
Go to topic listing