Edit:
@UnsaneCulture
Depends. If he only has board access and not FTP then he has no passwords. If he has FTP, then he has the hashes, but phpBB3 is more complex than simple formats; you would need to generate a separate rainbow table for each user you wanted to crack. I really hope he wastes time cracking mine, as I use a different password (complex ones as well, as Havok - Good times) for every login field.
Bluezone777
Mar 24 2009, 08:13 PM
lol some noob cracked Forum Advertiser and put my name as the guy who cracked it and a link to a board that's dead. It made me lol as the owner can simply pull up a backup and restore it as soon as he gets on. XD
Sorry I was referring to the link you gave to rapture, bluezone777 has already posted that someone cracked forum advertiser and posted his name up . . .
When it comes to these things, anyone can say anything. His word means nothing to me, sorry. Theezy will need to attempt to log in, which will only work if the cracker didn't change his password. If he did, Theezy will need a script that allows the editing of phpBB3 through FTP, which I have bookmarked somewhere...
I sure hope the cracker used a proxy, because Theezy will have the IP of the last admin login as well. He can also look in cPanel and get the raw access logs for the past few hours. Depending on how the 'cracker' (which could be hacker at this point, we don't know for sure) got in, there could be 1000 login attempts -roll-
A brute force attack would have taken ages on a site like that, which should lock you out after 5 attempts. That leaves either
A) Weak password
B) Cracked because he used it on another site and the owner cracked the hash
C) He told someone / his cookies got stolen
Any password can be 'cracked'. Even HTTPS has been cracked (by a few hundred PS3s if I remember correctly...). There never will be a secure method of data protection, this is life. The best protection is to keep strong passwords with 15+ letters / numbers / symbols. I personally have a program that generates them made by someone on the Ghost Webz Network team, so I put little effort into creating them and more into remembering them / keeping them in my hands only.
I love times like these, I get to rant about password safety -happy-
Theezy is working on uploading a backup soon. No serious harm has been done to the site, although the backup is from 24 hours ago or so, so things will be lost.
Not sure what the point is of cracking a hosted phpBB3 forum unless you get FTP/control panel access (which this guy clearly didn't). Takes a few minutes to fix.
lol... so don't use the same password on all the sites you sign up to; if one gets cracked, he will access all your sites. Especially don't use the same password for forum and email or PayPal or something... these days the internet is dangerous... ~mad~
Also never have too many admins... The more admins you have, the more chance you have of being cracked like this. If you have 5 admins it means that they have a choice of 5 users' passwords to get and all it takes is one of those passwords to be weak or worked out then you are stuck. A smaller amount of admins means that there is only a smaller amount of accounts they focus on and that makes it harder for them to get in.
The person who hacked it probably had a bad time at FA, for example getting banned? But I still think it's stupid to hack them for that. FA is really great like FP; both sites are similar in many ways, they both help people in many ways. I love em both.