Page 1 of 2

Hacked??????

PostPosted: Wed Aug 02, 2006 2:56 pm
by Hobbyist Prime
What's going on with the home page? Did it get hacked and if so how come I can still access the forum or is it on a seperate server? I'm already going through gallery withdrawl..... :shock:

PostPosted: Wed Aug 02, 2006 3:10 pm
by piranacon
looks like some kids and a crappy sql injector, i dont know why they think hacking open source projects is worth crap,

im guessing the forum still works from a differant database

PostPosted: Wed Aug 02, 2006 3:17 pm
by Greyryder
Script kiddies, crying out for attention.

Where'd I leave that sledge hammer.... Image

PostPosted: Wed Aug 02, 2006 3:21 pm
by Hobbyist Prime
All I need is a dremel tool, exacto knife, super glue and some paint to fix them up just right :twisted:

PostPosted: Wed Aug 02, 2006 4:37 pm
by TM Devastator
Man this sucks. I'm looking into the problem right now. This was always Pepie's thing, I'm gonna email him as well

PostPosted: Wed Aug 02, 2006 5:17 pm
by Ramrider
They appear to be Turkish, if that's any lead... :?

Any idea what damage has been done?
Have they just redirected the domain, or have they actually sabotaged the site itself?

Bar stewards. :evil:

PostPosted: Wed Aug 02, 2006 5:40 pm
by TM dak
I F*CkING HATE STUPID PEOPLE. Honestly... Why?

PostPosted: Wed Aug 02, 2006 6:07 pm
by ChaosDeathSaurer
Because they can. It happened at BWTF once.

PostPosted: Wed Aug 02, 2006 6:17 pm
by TFmaster
**** this...I'm tired of this ****.

They can have Transtopia. I'm done.

TFM

PostPosted: Wed Aug 02, 2006 6:32 pm
by MacrossFA19
Beat on the F@@@@res door with a baseball bat, make a bonfire in thier living room and dance like a chip n dale. Then we shall find thier dog and eat it. Then we can grab them by thier brooks brothers PJ's and cram them up thier @$$es.

Seriously, you mean, you, (the transtopia staff/owners), can't just call the server co. and voila? It is a shame that thier are some @$$holes out there that go up and above getting the amusement of pissing others off.

PostPosted: Wed Aug 02, 2006 9:09 pm
by TM Devastator
I'm not what's happened with the server exactly, but I can tell you that all of the files and such on the site are still intact. It seems the hack just re-directs people if they try to access any page to the site. If I can't figure out how to fix this mess and Pepie is unable to help, then the only thing we'll be able to do is move to another server. We'll only be able to do that with some generous donations if it comes to that.

PostPosted: Wed Aug 02, 2006 9:15 pm
by Greyryder
It hasn't replaced all the PHP files? That's good.

I know next to nothing about this kind of stuff. Is it possible they modified the site database? You may have to get a hold of the web host, and see what they can do.

PostPosted: Wed Aug 02, 2006 9:44 pm
by swampmojo
that f-n sucks. stupid little cyber rats.

PostPosted: Wed Aug 02, 2006 10:44 pm
by Greyryder
Devastator wrote:I'm not what's happened with the server exactly, but I can tell you that all of the files and such on the site are still intact. It seems the hack just re-directs people if they try to access any page to the site. If I can't figure out how to fix this mess and Pepie is unable to help, then the only thing we'll be able to do is move to another server. We'll only be able to do that with some generous donations if it comes to that.


What kind of bandwidth does this place pull down a month? Cause my current host's basic plan includes 400gigs of transfer.

PostPosted: Wed Aug 02, 2006 11:23 pm
by tentagil
If all the PHP and gallery stuff is still intact then recovering it shouldn't be to hard to do really. Probably still above my abilities, but I'd assume that they jsut did a butcher job on the index and config files to redirect it all. Had the same thing done my own site a year or two ago. Assuming someone has been making backups of the site you should jsut beable to upload an older version of the core files and hopefully it will correct it.

Thats about the level of my current understanding so if its more then that hopefully you can ge ahold of Pepie and the site can be brought back online.

PostPosted: Thu Aug 03, 2006 12:23 am
by TM Devastator
I think you're right tentagil. The config file was all messed up, by I think I may have deleted my old copies of the the old config file. I was at least able to get the damn cracker message off of the homepage.

PostPosted: Thu Aug 03, 2006 1:34 am
by tentagil
Any chance you have a copy of whatever the frontend software you running the site on? You could probably grab the config from that and edit with the info for the site.

Edit: And jsut looked at the main site. I haven't used postnuke but I have some limited experience with PHPnuke and CPGnuke/Dragonfly.

Postnuke is based off of PHPnuke, and unfortunately shares several of its security holes. Dragonfly is much more secure, but is also much newer and doesn't have nearly as many of the modules, and since they try to keep things more secure modules are developed a bit slower then with Post and PHPnuke.

Looking at a Postnuke config file though they have the same basic setup. You can download the postnuke package and extract an unaltered config file from it then add in the info for the site. I think that might fix some of the problem.

PostPosted: Thu Aug 03, 2006 1:43 am
by TM Devastator
I think I have a copy of the software, but I'm not sure. Pepie set all of this up and I downloaded some mysql thing 'cause I think that's what he use. I have no idea of what to do with it though.

PostPosted: Thu Aug 03, 2006 1:47 am
by Superquad7
Well at least we, as a community, spend our time more constructively. :) We'll get things a'goin' again! You just can't keep good bots down! 8)




. . . and when they do get damaged in battle, we take 'em to the repair bay for "reformatting." It's just what we all do. :)

PostPosted: Thu Aug 03, 2006 1:49 am
by tentagil
another thing to look at, and I'm pretty sure that Pepie would have removed it already; but make sure that there isn't an install.php file in main directory with the config and index file. If it got left in there or the hackers added on it makes for easy access to do this all over again later. So delete that if its there.

PostPosted: Thu Aug 03, 2006 3:23 am
by Greyryder
Weirdwolf at the 2005 forums says that he's worked with PostNuke, before. He said you should just need to download the program, to get a new config.php, and change the settings to match the server settings.

Sorry, I know nothing about this. Just passing along, what I've been told.

PostPosted: Thu Aug 03, 2006 3:28 am
by plowking
Man I am glad to see you guys....pleases do what you can to get it all back....all day yestreday I was like WTF!!!...stupid little hackers...someone hacked TFans too, but it wasnt this bad...

PostPosted: Thu Aug 03, 2006 6:46 am
by AceBaur Prime
I clicked on the link when the hacker page came up and it went to a forum in some crazy language like russian or something. Don't those people have anything better to do than mess with this site? At least Devs got rid of their stupid webpage and retarded music.

Unfortunately I know nothing about webpages... I'm sure we'll be able to find someone in the TF community who can help

PostPosted: Thu Aug 03, 2006 11:31 am
by original_galvatron_01
well the way i see it we have the most capable people on the matter, and not to make fun of the community here but in some way we are all nerds in some aspect, someone here is bound to have the knowledge to unlock this matrix and light the darkest hour here at trasntopia, i believe in that and it helps keep me going.

PostPosted: Thu Aug 03, 2006 1:15 pm
by Sodawilly
I just noticed today that back on July 25, a guy tried to get in my site, but couldn't but left a bunch of crazy messages in my guestbook.....I have since deleted them today because they were just jibberish, but I did decide to do a back trace on his IP address and found out who the bastard was, and I posted his info on the page. See for yourself!

http://www.freewebs.com/sodawilly/sodawillysrantsnraves.htm

Hope everything gets worked out ok,

-Gregg