• Register
  • Login
  •          

    HToD

    Image
      What's New

    Moderators: Omphalos, Freakzilla, ᴶᵛᵀᴬ

    HToD

    Postby Omphalos » 08 Apr 2010 00:16

    Looks like its been hacked. Why dont you all just stay away until Chig can fix it tomorrow?
    User avatar
    Omphalos
    Inglorious Bastard
     
    Posts: 6571
    Joined: 05 Feb 2008 11:07
    Location: The Mighty Central Valley of California

    Re: HToD

    Postby SandChigger » 08 Apr 2010 03:24

    Chig has fixed it today.

    Eat my rabbit nugget poopoos, bastard hackers! :twisted:

    It was just the blogs that were hacked, by the way, not the whole site.

    Pretty stupid hackwork, too, considering how obvious it was that something was up from the way they did it, which knocked out the CSS layout and everything.

    Fortunately it wasn't something really destructive like blanking the database entirely. :dance:
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby Eyes High » 08 Apr 2010 09:59

    meanies :evil:
    What fear is there in the night?
    Nothing, but that which is in our own imaginations.
    User avatar
    Eyes High
    Patience Personified
     
    Posts: 2320
    Joined: 22 Jul 2008 15:32
    Location: between the worlds of men and make believe

    Re: HToD

    Postby TheDukester » 08 Apr 2010 13:23

    Wow, what a farce.

    Any suspects? Any evidence pointing to the Friends of James Harwood Society?
    "Anything I write will be remembered and listed in bibliographies on Dune for several hundred years ..." — some delusional halfwit troll.
    User avatar
    TheDukester
     
    Posts: 3808
    Joined: 20 Jun 2008 13:44
    Location: Operation Enduring Bacon

    Re: HToD

    Postby SandChigger » 08 Apr 2010 14:16

    Nah, I don't think they're that talented.

    None of the files on the server had been edited, and there wasn't anything weird in the access logs, but they somehow managed to inject code into the database, so I think they logged in remote and accessed the MySQL via terminal mode. I logged in and contacted my provider and advised them of what had happened and changed my passwords.

    No biggie, this time. :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby Omphalos » 08 Apr 2010 15:14

    SandChigger wrote:Nah, I don't think they're that talented.

    None of the files on the server had been edited, and there wasn't anything weird in the access logs, but they somehow managed to inject code into the database, so I think they logged in remote and accessed the MySQL via terminal mode. I logged in and contacted my provider and advised them of what had happened and changed my passwords.

    No biggie, this time. :)


    How do you back your site up? Im sure I could arrange a nightly backup of structure and db to a remote site if you would like. Actually, Raggy has all our sites backed up on cloud servers. Maybe you could do that?
    User avatar
    Omphalos
    Inglorious Bastard
     
    Posts: 6571
    Joined: 05 Feb 2008 11:07
    Location: The Mighty Central Valley of California

    Re: HToD

    Postby Omphalos » 08 Apr 2010 15:15

    SandChigger wrote:Nah, I don't think they're that talented.


    Sounds conclusive then. Harwood must've involved!

    Sue me over that, asshat!
    User avatar
    Omphalos
    Inglorious Bastard
     
    Posts: 6571
    Joined: 05 Feb 2008 11:07
    Location: The Mighty Central Valley of California

    Re: HToD

    Postby SandChigger » 08 Apr 2010 21:33

    Omphalos wrote:How do you back your site up? Im sure I could arrange a nightly backup of structure and db to a remote site if you would like. Actually, Raggy has all our sites backed up on cloud servers. Maybe you could do that?

    The server backs up the physical MySQL database files daily. I download & copy them to other locations every few days. I have multiple copies of all the other files on different machines. (Whenever I edit a file, I include a time & location comment before uploading. That way I can always tell which is the newer copy, the one on the server or the one on the machine I'm using.) I'm pretty covered. I think. ;) In the event of a major hack & total wipe (knock on wood!), I might be able to have everything back up in a day or two. NOT wanting to put that to the test, of course! :D

    I haven't looked into the "cloud server" thingy; will do. Cheers! :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandChigger » 21 Apr 2010 04:37

    Well, the saga of "JUST HOW FUCKED UP IS NETWORK SOLUTIONS' SERVER MANAGEMENT?!" continues:

    The site has been infected with some sort of malicious javascript on almost all the main and subdomain index pages (index.html & index.php). I discovered the problem around 3:00 PM and uploaded fresh, clean copies of the files from my computer, but when I checked in again less than an hour later (after firing off a rather heated "GET YOUR FUCKING ACT TOGETHER" email at the provider), I discovered the clean copies had been replaced with infected ones again.

    Probably best to stay away until I figure this out.

    I'm starting to consider moving to a new provider now. :twisted:
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby Eyes High » 21 Apr 2010 10:02

    Hope you get this worked out soon. Sorry that you're having to deal with this juvenile attack. :evil:

    Looking forward to when HToD is back to its wonderful self.
    What fear is there in the night?
    Nothing, but that which is in our own imaginations.
    User avatar
    Eyes High
    Patience Personified
     
    Posts: 2320
    Joined: 22 Jul 2008 15:32
    Location: between the worlds of men and make believe

    Re: HToD

    Postby SandChigger » 21 Apr 2010 11:36

    Yeah, just when the Concordance stuff has tentatively gone online and I'm getting ready to publish a Blow-this-Arabic-up-your-bung-Byron! page or two, all hell breaks loose. :twisted:

    Looks like they're on it, but only time will tell.... :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandChigger » 22 Apr 2010 00:31

    I'm still not sure if the site is OK yet. Safari wasn't affected by whatever it was, to begin with. I looked at the front page with Firefox just now and it didn't bark or wet itself, FWIW.

    I still can't FTP in, waiting for them to set the password correctly for me. (Or for the changes I've made to percolate through their system.) :roll: Once I can get in, I can tell at a glance if a file is infected, because they bloat from 2 or 3 to 10 or 15 KB.

    Stay tuned. :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandChigger » 23 Apr 2010 08:07

    I finally got FTP access to the server back Friday morning and everything looked OK for the bigger part of the day, but sometime between 6:30 and 7:00 PM the hackers started injecting javascript into the webpages again. I spent an hour or so replacing the infected files just to watch them reinfecting them within minutes of me fixing them. Broke for dinner and have been at it for another hour and a half, but I'm tired and stopping for the night. There's not going to be any new pages added or blogs posted until I either get this problem settled or the site moved to a new provider, so no real point in dropping by and risking your computers!

    I'll post a notice here when it's safe to come back. Ciao for now! :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby inhuien » 23 Apr 2010 09:44

    Thanks for keeping us abreast of this cluster fuck. Where's geocities when you need them >)
    Image
    User avatar
    inhuien
     
    Posts: 3629
    Joined: 09 Feb 2008 05:03
    Location: right here as in not (all) there

    Re: HToD

    Postby Omphalos » 23 Apr 2010 13:22

    Sorry, Dude. Sucks.
    User avatar
    Omphalos
    Inglorious Bastard
     
    Posts: 6571
    Joined: 05 Feb 2008 11:07
    Location: The Mighty Central Valley of California

    Re: HToD

    Postby SandChigger » 23 Apr 2010 14:17

    Meh, could always be much worse, I suppose! ;) The hackers aren't particularly malicious—they're not wiping the site or anything like that (yet)—or particularly bright, either, it seems. The code being injected is different from yesterday/day before, and I can actually see lines of it showing through the theme this time if I look at an infected page in Safari. (The javascript is obfuscated/encoded, so you can't really read it, but you can tell it's different just looking at it.) So it seems like a different hacker or group of them ... which means NetSol still hasn't really fixed whatever vulnerability let the first group in. Not as bright as the first group, but still able to get past NetSol security. :roll:

    (Remember that the first groups of blog hackers were smart enough to hack the databases, but the code the ones who hit HToD were inserting broke the blog layout/theme and made it obvious something was up. Same thing with this current group.)

    Ah well.
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby Tleszer » 23 Apr 2010 19:06

    Must be the work of a KJASF member. :lol:
    DUNE, as interpreted by a blue man with a green tushie
    User avatar
    Tleszer
     
    Posts: 2161
    Joined: 17 Feb 2008 18:02

    Re: HToD

    Postby SandChigger » 23 Apr 2010 21:47

    :lol:

    Yeah. If I was a paranoid can't-be-a-hasbeen-'cause-never-was-in-the-first-place washed-up nutjob sci-fi "writer" (snicker) in BFE Norman, Oklahoma, I might actually accuse someone at Dune Novels or KJASF of using their mad skillz to hack my site. Especially since DuneNovels is also with NetSol and they seem to be unaffected.

    But I think we all know that both groups of mouth-breathing droolers are lucky to find their assholes to wipe after shitting (I figure they feel around and determine the sweet spot by tasting their fingertips), so this is a bit beyond them. :lol:
    I have heard of only one mistake that doesn’t have an explanation for a careful reader...with an open mind. (And, no, I’m not going to tell you what it is!) —KJA

    I don't like every writer's style; for instance, I have never been able to get through Ursula LeGuin, China Mieville, or Iain Banks, all of whom are critical darlings. —KJA

    I...had written a bunch of Star Wars and X-Files books...that proved not just that I'm a hack, but that I could write in somebody else's universe... —KJA
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandChigger » 25 Apr 2010 09:50

    I'm pretty sure the website is clear again now. No sign of the hackers at all today.

    Allez, allez, outs in free! :)
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandRider » 25 Apr 2010 11:53

    I don't get some of this, are these jscripts aimed at your pages alone,
    or are all the accounts from your provider being infected, and you're catching
    the general fallout ?

    if it's just HairyTicks, I don't see how we can't blame Keith, Merritt, and Corporate Dune ...
    ................ I exist only to amuse myself ................
    ImageImage

    I personally feel that this message board, Jacurutu, is full of hateful folks who don't know
    how to fully interact with people.
    ~ "Spice Grandson" (Bryon Merrit) 08 June 2008
    User avatar
    SandRider
    Watermaster
     
    Posts: 6163
    Joined: 05 Oct 2008 16:14
    Location: In the back of your mind. Always.

    Re: HToD

    Postby Freakzilla » 25 Apr 2010 12:05

    Kanly it is then... or are we past that into jihad?
    Image
    Paul of Dune was so bad it gave me a seizure that dislocated both of my shoulders and prolapsed my anus.
    ~Pink Snowman
    User avatar
    Freakzilla
    Lead Singer and Driver of the Winnebego
     
    Posts: 18057
    Joined: 05 Feb 2008 01:27
    Location: Atlanta, Georgia, USA

    Re: HToD

    Postby Nekhrun » 25 Apr 2010 12:57

    SandRider wrote:I don't get some of this, are these jscripts aimed at your pages alone,
    or are all the accounts from your provider being infected, and you're catching
    the general fallout ?

    if it's just HairyTicks, I don't see how we can't blame Keith, Merritt, and Corporate Dune ...

    Don't forget Uncie Mike with his high-level webskillz.
    "If he was here to discuss Dune, he sure as hell picked a dumb way to do it." -Omphalos :character-cookiemonster:

    Happy Memorial Day everyone! -James C. Harwood

    "Three of my videos have over 100 views."
    "Over 500 views for my 'Open Question' video." -Nebiros
    User avatar
    Nekhrun
    Icelandic Wiener
     
    Posts: 3287
    Joined: 10 Feb 2008 16:27

    Re: HToD

    Postby Freakzilla » 25 Apr 2010 13:09

    Nekhrun wrote:
    SandRider wrote:I don't get some of this, are these jscripts aimed at your pages alone,
    or are all the accounts from your provider being infected, and you're catching
    the general fallout ?

    if it's just HairyTicks, I don't see how we can't blame Keith, Merritt, and Corporate Dune ...

    Don't forget Uncie Mike with his high-level webskillz.


    :lol: (Better than mine :cry: )
    Image
    Paul of Dune was so bad it gave me a seizure that dislocated both of my shoulders and prolapsed my anus.
    ~Pink Snowman
    User avatar
    Freakzilla
    Lead Singer and Driver of the Winnebego
     
    Posts: 18057
    Joined: 05 Feb 2008 01:27
    Location: Atlanta, Georgia, USA

    Re: HToD

    Postby SandChigger » 25 Apr 2010 13:55

    SandRider wrote:I don't get some of this, are these jscripts aimed at your pages alone,
    or are all the accounts from your provider being infected, and you're catching
    the general fallout ?

    if it's just HairyTicks, I don't see how we can't blame Keith, Merritt, and Corporate Dune ...

    It's general fallout, not just HToD. I just happened to be unlucky in that my site is hosted on the server being attacked. DuneNovels is with the same provider, but on a different server, so they don't seem to have had any problems.

    If it was a focused attack on HToD, yeah, then I'd suspect something was up. But most of the mouthbreathers surrounding KJA and DumbNovels these days are nothing to worry about.

    (TheKJA does have one follower on Twitter that proclaims himself as an IT wizard, but who knows, you know? TheKJA proclaims himself a writer! :lol: )
    I have heard of only one mistake that doesn’t have an explanation for a careful reader...with an open mind. (And, no, I’m not going to tell you what it is!) —KJA

    I don't like every writer's style; for instance, I have never been able to get through Ursula LeGuin, China Mieville, or Iain Banks, all of whom are critical darlings. —KJA

    I...had written a bunch of Star Wars and X-Files books...that proved not just that I'm a hack, but that I could write in somebody else's universe... —KJA
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Re: HToD

    Postby SandChigger » 06 May 2010 03:00

    Get ready for a

    BLAST from the past!

    TheKJA Emails, coming online on HToD!

    Relive "Only One Mistake" NOW! Other KJA hits COMING SOON!

    http://tiny.cc/53n7l
    User avatar
    SandChigger
    KJASF Ground Zero
     
    Posts: 14490
    Joined: 08 Feb 2008 22:29
    Location: "Whatcha having, shoog? Hurry up and order now, I ain't got all day!"

    Next

    Return to ˲

    Who is online

    Users browsing this forum: No registered users and 5 guests

    cron