ZX6R
Member
They use an exploit to presumably run a command on the server, which would copy the site code back to the attacker, who is free to do whatever they want with it.
5/17 Site Attack
- Thread starter Dragoneer
- Start date
- Status
CrescentStarHusky
Everything is like a galaxy, mysterious~
I want powdered doughnuts now OMG
I'm sorry. I just could not understand...use português please.
then we can translate it. That might work better.
FatalSyndrome
Member
I'm sorry your translator isn't getting your messages out correctly. Try just typing it in your language, and we can translate it. This must be frustrating for you.
foxenbperry
New Member
then go get powdered donuts before your cravings get too bad x3
Bannor
freakin' n00b
Oh, crap - this is starting to make sense to me! Should I be worried?
CrescentStarHusky
Everything is like a galaxy, mysterious~
I don't have any! *dies*
I honestly do not believe Dragoneer is telling the full story. Yes, it is true that someone got the source code and loaded it on a USB, but I think there is more to this story.
One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.
Now why do I say that.
Well here is how the exploit works.
http://www.openwall.com/lists/oss-security/2016/05/03/18
ImageMagick Security Issue - ImageMagick
So what does this mean? I don't understand all this you say.
Well with this exploit, anyone can run a shell command into the server.
What's a shell command?
For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.
So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.
Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.
I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.
Now why do I say that.
Well here is how the exploit works.
http://www.openwall.com/lists/oss-security/2016/05/03/18
ImageMagick Security Issue - ImageMagick
So what does this mean? I don't understand all this you say.
Well with this exploit, anyone can run a shell command into the server.
What's a shell command?
For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.
So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.
Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.
I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
JusticeForKelo
New Member
I'm starting to think Jane_M_J is a troll or bot.
FatalSyndrome
Member
Lord have mercy, powdered donuts were mentioned and now I'm having an intense hankering...
FatalSyndrome
Member
Here we go with the conspiracy.
FA is full of holes unfortunately. Just because you don't understand the explanation doesn't mean the story is false. Someone hacked it, that's what hacking does.
Bourbon.
Member
FA's code is over a decade old and does have a ton of coding issues and security holes that haven't been fixed. It's entirely plausible that it did go as Dragoneer said and FA's poor infrastructure allowed the damage to be worse than it would have been on other sites.
lone_wolf323
New Member
I think some powdered donuts and some maple glazed ones would sound amazing at this point.
ZX6R
Member
If you think about it, they might have wanted to cover their tracks. If someone else trashes the site using the source code, they're going to be the priority.
Barking-In-the-Dark
New Member
Now, be honest. Raise your hand...
How many of you created FA Forums accounts just because of this.
*Raises hand*
Yup -raises paw-
I hope things get fixed soon, it sucks that this happened and that the site was shut down (on my B-day no less). I also hope the reference sheet my friend and I posted of my Dutch AD isn't gone. I just registered him too.
Lastly I doubt it was Anonymous, they're not a group of folks who prey on furries not to mention if it was them 4chan would be flooded with comments about a raid.
LyrrenClock
Blarg~
I second this notion keep up the good work you IT folks and hope to see it back up soon sucks this all happened...
and yet Dragoneer and friends gets a free pass again. Shouldn't they be held accountable? Dragoneer said with IMVU things would get better.
Psylantwolf
New Member
oddthesungod
:^)
Cara literalmente ninguem ta te entendendo, desiste do google translate e escreve em português mesmo.
LyrrenClock
Blarg~
things honestly have gotten better the site got a new look that actually works and alot of subtle differences and not having to raise funds all the time...changes take time sadly just cause we dont see it doesnt me its not happening
FatalSyndrome
Member
Aw, it's too bad we can't turn this thread into a fun party meeting thing.
AliothFox
That High-Flyin' Foxy
They did get better. The last DDoS attack to seriously take the site down for any real length of time was over a year ago, where before it would reliably go down for days every couple of months. The site can handle a lot bigger loads now (I remember when it would go down if 15k+ were online, now it supports 20-30k+ without any real problems), and the beta actually gets pretty regular updates.
Ya know i used to give the benefit of the doubt to the admins, but I simply can't anymore.
D
Deleted member 82554
Guest
What sort of fucked up security measures do you have in place for someone to be able to hijack the ENTIRE source code?
Oh well, this downtime will at least give some of the other places a chance to shine for a while.
Oh well, this downtime will at least give some of the other places a chance to shine for a while.
- Status