• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

5/17 Site Attack

Status
Not open for further replies.

ZX6R

Member
What I want to know is this:
How could they get whole of the sites code? I mean... only one way I know for sure that, that person could do that is if they worked in the company that runs FA, through like server or something place like that. Because that is one sure way to get the sites code and everything. Every users profile, sent messages, art, journals, favorited art, watchers, all of it, the whole nine yards.
They use an exploit to presumably run a command on the server, which would copy the site code back to the attacker, who is free to do whatever they want with it.
 

CrescentStarHusky

Everything is like a galaxy, mysterious~
Why not? I've still got my VHS tapes from when I was a kid and a good ol' VCR and tube TV..a cuddly maine coon cat and powdered donuts..what about you guys? I mean.. though FA is nice to have.. its only a site...our lives as humans doesn't revolve around being online. See you all on the flipside!
I want powdered doughnuts now OMG
 

hera

Member
I honestly do not believe Dragoneer is telling the full story. Yes, it is true that someone got the source code and loaded it on a USB, but I think there is more to this story.

One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.

Now why do I say that.

Well here is how the exploit works.

http://www.openwall.com/lists/oss-security/2016/05/03/18

ImageMagick Security Issue - ImageMagick

So what does this mean? I don't understand all this you say.

Well with this exploit, anyone can run a shell command into the server.

What's a shell command?

For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.

So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.

Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.

I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
 
I honestly do not believe Dragoneer is telling the full story. Yes, it is true that someone got the source code and loaded it on a USB, but I think there is more to this story.

One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.

Now why do I say that.

Well here is how the exploit works.

http://www.openwall.com/lists/oss-security/2016/05/03/18

ImageMagick Security Issue - ImageMagick

So what does this mean? I don't understand all this you say.

Well with this exploit, anyone can run a shell command into the server.

What's a shell command?

For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.

So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.

Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.

I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
Here we go with the conspiracy.
FA is full of holes unfortunately. Just because you don't understand the explanation doesn't mean the story is false. Someone hacked it, that's what hacking does.
 

Bourbon.

Member
I honestly do not believe Dragoneer is telling the full story. Yes, it is true that someone got the source code and loaded it on a USB, but I think there is more to this story.

One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.

Now why do I say that.

Well here is how the exploit works.

www.openwall.com: oss-security - Re: ImageMagick Is On Fire -- CVE-2016-3714

ImageMagick Security Issue - ImageMagick

So what does this mean? I don't understand all this you say.

Well with this exploit, anyone can run a shell command into the server.

What's a shell command?

For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.

So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.

Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.

I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
FA's code is over a decade old and does have a ton of coding issues and security holes that haven't been fixed. It's entirely plausible that it did go as Dragoneer said and FA's poor infrastructure allowed the damage to be worse than it would have been on other sites.
 

ZX6R

Member
I honestly do not believe Dragoneer is telling the full story. Yes, it is true that someone got the source code and loaded it on a USB, but I think there is more to this story.

One thing he isn't telling you was that the damage was mostly done when the original imagemagick exploit was discovered and I guarantee that it WAS not patched right away. Quite simply, the admins SCREWED up. The reason I say that is cause how issues were handled in the past. The admins have done a terrible job.

Now why do I say that.

Well here is how the exploit works.

www.openwall.com: oss-security - Re: ImageMagick Is On Fire -- CVE-2016-3714

ImageMagick Security Issue - ImageMagick

So what does this mean? I don't understand all this you say.

Well with this exploit, anyone can run a shell command into the server.

What's a shell command?

For those not familiar with Linux, it basically allows direct commands on the server. Commands that would let you delete files, rename files, move files, download the source code. I don't believe the database would be compromised as that requires the knowledge of the mysql password (or a root account). Something that this exploit alone would not provide.

So basically Dragoneer is saying someone with the ability to do a ton of file deletions only took the source code. Yeah, uh huh, and I am the daughter of Zeus.

Dragoneer also says the source code was leaked and then another vulnerability was found and hacked.

I am not saying that this is not possible, but I find it HIGHLY unlikely, unless FA has more holes than swiss cheese. If that is the case, we all should be pointing the fingers at the admins themselves for such poor code. I have some faith that they are not complete imbeciles, but then again what do I know.
If you think about it, they might have wanted to cover their tracks. If someone else trashes the site using the source code, they're going to be the priority.
 
Now, be honest. Raise your hand...

How many of you created FA Forums accounts just because of this.

*Raises hand*:(

Yup -raises paw-

I hope things get fixed soon, it sucks that this happened and that the site was shut down (on my B-day no less). I also hope the reference sheet my friend and I posted of my Dutch AD isn't gone. I just registered him too. :(
Lastly I doubt it was Anonymous, they're not a group of folks who prey on furries not to mention if it was them 4chan would be flooded with comments about a raid.
 

hera

Member
FA's code is over a decade old and does have a ton of coding issues and security holes that haven't been fixed. It's entirely plausible that it did go as Dragoneer said and FA's poor infrastructure allowed the damage to be worse than it would have been on other sites.

and yet Dragoneer and friends gets a free pass again. Shouldn't they be held accountable? Dragoneer said with IMVU things would get better.
 

Psylantwolf

New Member
mtDVBlA.png
 
The branch and full code windows very turns ten 75% or 100% original 3D chrome colors do not please do not face internet I get the link for the Super Server... ?

....Hack.... -_-'''

Cara literalmente ninguem ta te entendendo, desiste do google translate e escreve em português mesmo.
 

LyrrenClock

Blarg~
and yet Dragoneer and friends gets a free pass again. Shouldn't they be held accountable? Dragoneer said with IMVU things would get better.
things honestly have gotten better the site got a new look that actually works and alot of subtle differences and not having to raise funds all the time...changes take time sadly just cause we dont see it doesnt me its not happening
 

AliothFox

That High-Flyin' Foxy
and yet Dragoneer and friends gets a free pass again. Shouldn't they be held accountable? Dragoneer said with IMVU things would get better.

They did get better. The last DDoS attack to seriously take the site down for any real length of time was over a year ago, where before it would reliably go down for days every couple of months. The site can handle a lot bigger loads now (I remember when it would go down if 15k+ were online, now it supports 20-30k+ without any real problems), and the beta actually gets pretty regular updates.
 

hera

Member
things honestly have gotten better the site got a new look that actually works and alot of subtle differences and not having to raise funds all the time...changes take time sadly just cause we dont see it doesnt me its not happening

Ya know i used to give the benefit of the doubt to the admins, but I simply can't anymore.
 
D

Deleted member 82554

Guest
What sort of fucked up security measures do you have in place for someone to be able to hijack the ENTIRE source code?

Oh well, this downtime will at least give some of the other places a chance to shine for a while.
 
Status
Not open for further replies.
Top