TWHL Database Hack Created 12 years ago2013-03-09 06:17:26 UTC by Penguinboy Penguinboy

Created 12 years ago2013-03-09 06:17:26 UTC by Penguinboy Penguinboy

Posted 12 years ago2013-03-10 00:51:59 UTC Post #312996
Are you going to tell us anything about yourself, or are you just here to observe us and rub your hands while you read our reactions to your certainly unusual introduction?
Posted 12 years ago2013-03-10 01:56:05 UTC Post #312997
Maybe he wanted to sign his artwork?
Rimrook RimrookSince 2003
Posted 12 years ago2013-03-10 06:53:00 UTC Post #312999
I've told a lot about myself on IRC, maybe if you would get on :P
Posted 12 years ago2013-03-10 07:56:42 UTC Post #313000
Question: Was it possible to discover and inform PB of the exploit without deleting a bunch of our stuff by actually following through with it?
Posted 12 years ago2013-03-10 08:59:48 UTC Post #313001
I'm quite sure it was.
Posted 12 years ago2013-03-10 09:15:59 UTC Post #313005
Oh ok, sorry, I thought you said you knew there were unescaped strings.
Posted 12 years ago2013-03-10 09:18:03 UTC Post #313006
There's something fishy going on.
Striker StrikerI forgot to check the oil pressure
Posted 12 years ago2013-03-10 09:21:36 UTC Post #313007
Nah, those incorrect times are due to Daylight saving :P
Posted 12 years ago2013-03-10 09:33:52 UTC Post #313003
PB knew about it when he coded the site anyway, he was just too lazy. I was mainly informing the users of it...
Posted 12 years ago2013-03-10 09:58:26 UTC Post #313004
No, if I knew about it then it wouldn't have been there. The code is a mess, so it's not surprising that there were a few holes. I should have thrown it all away ages ago, but I just haven't had the time to do a rewrite.
Penguinboy PenguinboyHaha, I died again!
Posted 12 years ago2013-03-10 23:06:35 UTC Post #313011
why would someone hack SQL servers for fun and get in the way of someones privacy? and because of that silly stunt i have to change my passwords! why do people do dumb things! i hate it when people do dumb things...
Posted 12 years ago2013-03-10 23:15:41 UTC Post #313012
It's also dumb to call a threatening person dumb, Nine.
Posted 12 years ago2013-03-11 00:54:11 UTC Post #313015
hey i can be threatening myself! you should see me when im frowning
Posted 12 years ago2013-03-11 04:05:00 UTC Post #313016
it's better that you have to change your password now rather than not change it and have a black hat silently get access to your password without you knowing
Posted 12 years ago2013-03-11 04:12:19 UTC Post #313017
I have a TWHL-only password so even if someone had access to my TWHL account, the worst that could happen is that they post spam or upload a map :P
Posted 12 years ago2013-03-11 04:34:25 UTC Post #313018
I use low and high priority passwords, so one for my bank and primary email, and I use one pretty much for all my other stuff... i know it's not too smart and you can use a password managing program to use unique passwords for everything, but mostly i cbf..

if someone did do something malicious like sign in to you account and delete all your maps, could they be restored from a backup?
Captain Terror Captain Terrorwhen a man loves a woman
Posted 12 years ago2013-03-11 05:01:59 UTC Post #313019
In the near future I will be setting up a proper backup of map files. I already have database backups, but didn't think to back up the maps as well.

I have a similar setup CapT, but for the low-priority sites I tend to use a pattern based on the site name so it's not exactly the same. It's still not all that secure, but at least it's safer against automated tools.
Penguinboy PenguinboyHaha, I died again!
Posted 12 years ago2013-03-11 16:02:19 UTC Post #313024
I'd be willing to host up to 250GB of maps, if there are that many. I've still got 500GB left on my external HDD, and I may be getting another soon, so I might have more free space in the future.
Alabastor_Twob Alabastor_Twobformerly TJB
Posted 12 years ago2013-03-11 17:59:20 UTC Post #313025
Maybe rfe can help, i know he has servers and things.

Also we can all donate some cash to buy an hard drive.
Stojke StojkeUnreal
Posted 12 years ago2013-03-11 22:16:58 UTC Post #313028
That's a bit redundant. If it's that necessary just ask one of the many members that own server space to host/mirror it.
Crollo CrolloTrollo
Posted 12 years ago2013-03-11 22:23:55 UTC Post #313029
It's not a question of space - most good hosts nowadays provide unlimited hosting/bandwidth, including the one TWHL is hosted on.

It is a question of creating a system to back up the map files though. That might take some time.
Daubster DaubsterVault Dweller
Posted 12 years ago2013-03-11 22:28:31 UTC Post #313030
Exactly. We have plenty of storage capacity, I just need to work out a way to do it properly.
Penguinboy PenguinboyHaha, I died again!
Posted 12 years ago2013-03-11 23:40:56 UTC Post #313031
$ _
$ cp maps/* /backup/maps

Posted 12 years ago2013-03-12 20:28:32 UTC Post #313033
I can provide an offsite backup if you need :)

@Daubster I just copy my data over with a php script to another drive.
rufee rufeeSledge fanboy
Posted 11 years ago2013-03-15 04:50:33 UTC Post #313051
Totally forgot to mention, screenshots do exist if anyone wants them.
Posted 11 years ago2013-03-15 05:02:21 UTC Post #313052
Ant naked? <forming saliva> =P
Captain Terror Captain Terrorwhen a man loves a woman
Posted 11 years ago2013-03-15 06:08:27 UTC Post #313053
What screenies?
Ghost129er Ghost129erSAS1946 Certified Nuisance
Posted 11 years ago2013-03-15 06:08:45 UTC Post #313054
You mean you don't already have those? I thought everyone did.
Alabastor_Twob Alabastor_Twobformerly TJB
Posted 11 years ago2013-03-15 06:24:12 UTC Post #313055
ghost: Ant the old admin here BUCK naked =)
Captain Terror Captain Terrorwhen a man loves a woman
Posted 11 years ago2013-03-15 07:24:39 UTC Post #313056
You don't wanna see those photos. They're too blurry :(
Penguinboy PenguinboyHaha, I died again!
Posted 11 years ago2013-03-15 08:16:05 UTC Post #313057
Had we known, we'd have given you a better camera.
You must be logged in to post a response.


Log in to add shouts of your own