Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Sunday Hacking

Sunday Hacking 10 Sep 2013 03:02 #1

  • Four Pyrates
  • Four Pyrates's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 2475
  • Thank you received: 145
When I logged on here Sunday, I got a hackers page from India or something like that. I tried three times and got it each time. Was this site hacked or was it my cable provider? Anyone got any ideas?

Please Log in or Create an account to join the conversation.

Sunday Hacking 10 Sep 2013 03:15 #2

  • 2850Bounty
  • 2850Bounty's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 24479
  • Thank you received: 1121
Mike Casey brought it to my attention early Sunday AM.
He was locked out.
I was not locked out, but if I use the forum drop-down menu, that page would open up.

Please Log in or Create an account to join the conversation.

Rick E. Portland, Oregon
2850 Bounty Sedan Flybridge model
Twin 270 HP 5.7's w/ Closed Cooling
Volvo Penta DuoProp Drives
Kohler 4 CZ Gen Set

Sunday Hacking 10 Sep 2013 03:16 #3

  • Go Aweigh2452
  • Go Aweigh2452's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Olalla, WA
  • Posts: 8013
  • Thank you received: 534
The site was hacked but Dave Crowder got the splash page back up. Apparently the hackers were able to get in via the Admin back door. They then logged in as moderators and did their thing. Dave is working on streamlining our BOC website, will upgrade our security software and we will eventually move to a new host site.

In the mean time, I monitor the back door of the website daily to ensure no one else breaks in unregistered... :hand10

Good news is they did not erase our website. I noted they have done that on other sites they have hacked...

Please Log in or Create an account to join the conversation.

Doug ;}
MMSI: 338068776
"Go Aweigh to" Photos < click on red letters... 2001 Bayliner 2452 w/6.2 HO (paid for)


[SIGPIC][/SIGPIC]

Sunday Hacking 10 Sep 2013 04:12 #4

  • Astral Blue
  • Astral Blue's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 2279
  • Thank you received: 12
I'm gonna fess up, it was me. I was trying to liquidate my remaining inventory of mail order brides, herbal Viagra, and offer members an opportunity to get half of my great grandfather's $62 million dollar inheritance if they gave me their social security number, birthdate, bank account numbers and their PayPal user name and password. Dave stopped me dead in my tracks. Geesh, back to the drawing board! :dancban

Please Log in or Create an account to join the conversation.

Ed & Lindsey
Sacramento, CA
1977 Bayliner Victoria "Astral Blue"
Repowered with Perkins 4.108 Diesel
Volvo-Penta 280 Drive
MMSI #: 338127697


Sunday Hacking 10 Sep 2013 04:43 #5

  • Four Pyrates
  • Four Pyrates's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 2475
  • Thank you received: 145
Ed, It is a crime to confess to a crime that you have no idea how to commit. :90.gif

Please Log in or Create an account to join the conversation.

Sunday Hacking 10 Sep 2013 04:59 #6

  • JimMc
  • JimMc's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 4690
  • Thank you received: 259
Hacking a chat forum just to bring it down ? Why ?

I would think there would be better things to do if you have those skills. Legal things to do.

Please Log in or Create an account to join the conversation.

Jim and Debbie McNeely
New Hope a 2004 Bayliner 305 Sunbridge Express Cruiser
Twin 5.7s with Bravo2 drives
Brighton, Michigan USA
MMSI # 367393410

Sunday Hacking 10 Sep 2013 06:48 #7

  • green650
  • green650's Avatar
  • Visitor
  • Visitor

JimMc;809797 wrote: Hacking a chat forum just to bring it down ? Why ?

I would think there would be better things to do if you have those skills. Legal things to do.


Maybe practice?
Bragging rights in the geek world?
"Hey what's up baby? I broke into BOC last night! You want to party with me?"

Please Log in or Create an account to join the conversation.

Sunday Hacking 10 Sep 2013 07:27 #8

  • Flybird
  • Flybird's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 124
  • Thank you received: 3

green650;809805 wrote: Maybe practice?
Bragging rights in the geek world?
"Hey what's up baby? I broke into BOC last night! You want to party with me?"


I like this !!!
;)

Please Log in or Create an account to join the conversation.

"Live Free or Die"
2755 Sunbridge - 1989
OMC / King Cobra 460
Noville / Leman Lake (Lake of Geneva) / Switzerland
46.394550, 6.888680
Photo Album
"sea food" diet principle, "When I sea food, I eat it!

Sunday Hacking 10 Sep 2013 09:17 #9

  • Pete2052
  • Pete2052's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 77
  • Thank you received: 0
I've been getting a lot of spam since Sunday....guess the b******* got the membership email address list to sell??

Regards
Pete

Please Log in or Create an account to join the conversation.

Sunday Hacking 10 Sep 2013 11:50 #10

  • 2850Bounty
  • 2850Bounty's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 24479
  • Thank you received: 1121
One past member comes to mind, but he does not possess the skills nor mentality to have done this on his own.

Please Log in or Create an account to join the conversation.

Rick E. Portland, Oregon
2850 Bounty Sedan Flybridge model
Twin 270 HP 5.7's w/ Closed Cooling
Volvo Penta DuoProp Drives
Kohler 4 CZ Gen Set

Sunday Hacking 10 Sep 2013 14:12 #11

  • Pete2052
  • Pete2052's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 77
  • Thank you received: 0
I don't think it would necessarily be an ex-boc member, ........more likely one of our foreign friends looking to make a quick buck!

Please Log in or Create an account to join the conversation.

Sunday Hacking 12 Sep 2013 16:19 #12

  • Pete2052
  • Pete2052's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 77
  • Thank you received: 0
Anyone else getting a lot of spam of the "enhancement" :90.gif type??

Please Log in or Create an account to join the conversation.

Sunday Hacking 12 Sep 2013 21:25 #13

  • Go Aweigh2452
  • Go Aweigh2452's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Olalla, WA
  • Posts: 8013
  • Thank you received: 534
There is no one source to gather email addys off BOC... Hackers would need to access each members profile... These guys do this hack stuff as a game and bragging rights... As a kick they will sometimes redirect a site. Dave Crowder thinks these last bunch were kids based on their lack of finese in getting into the site...

All they need is some good hacker break into a site and he posts his user name and password to get in... Then others just check in and add their own user name password...

Please Log in or Create an account to join the conversation.

Doug ;}
MMSI: 338068776
"Go Aweigh to" Photos < click on red letters... 2001 Bayliner 2452 w/6.2 HO (paid for)


[SIGPIC][/SIGPIC]

Sunday Hacking 13 Sep 2013 02:16 #14

  • SomeSailor
  • SomeSailor's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 6614
  • Thank you received: 258

Go Aweigh2452;810524 wrote: There is no one source to gather email addys off BOC... Hackers would need to access each members profile..


Actuall... you only need one to work and you can generate a list in mere seconds of all users on any Vbulletin site.

If they get to your ACP.... http://baylinerownersclub.org/forum/admincp/email.php?do=genlist

Please Log in or Create an account to join the conversation.

Sunday Hacking 30 Sep 2013 11:22 #15

  • Pete2052
  • Pete2052's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 77
  • Thank you received: 0
Front page hacked again!!

Please Log in or Create an account to join the conversation.

Sunday Hacking 30 Sep 2013 11:28 #16

  • Go Aweigh2452
  • Go Aweigh2452's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Olalla, WA
  • Posts: 8013
  • Thank you received: 534

Pete2052;812589 wrote: Front page hacked again!!


Hit F5 or otherwise, refresh the page: http://www.baylinerownersclub.org/ I don't see it???

Please Log in or Create an account to join the conversation.

Doug ;}
MMSI: 338068776
"Go Aweigh to" Photos < click on red letters... 2001 Bayliner 2452 w/6.2 HO (paid for)


[SIGPIC][/SIGPIC]

Sunday Hacking 30 Sep 2013 12:31 #17

  • SomeSailor
  • SomeSailor's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 6614
  • Thank you received: 258
Doug;

I'm not sure who's running your site right now, but forum.php is run on the server side. Because your files were not deleted only means they chose not to.

The file: http://www.baylinerownersclub.org/forum/index.php is what they have access to. If they are modifying your PHP files, they're in your site.

You guys have a major security issue. Call me and I'll explain more. They can delete, change whatever they chose, and depending on what files they find after your last installs (config.php, install.php, includes and others) they could gain access to your site and your database. (like last time?)

Please Log in or Create an account to join the conversation.

Sunday Hacking 30 Sep 2013 13:29 #18

  • Go Aweigh2452
  • Go Aweigh2452's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Olalla, WA
  • Posts: 8013
  • Thank you received: 534
Mike, I understand. Migration from a good BOC backup is in process and should be done shortly. In addition, BOC has a backup off line. We are not too concerned right now since we have a working copy on another site in a different forum format. Dave has already deleted files like the install.php file off the server for BOC.

I'm in the process of learning the new software from the Admin side as we speak...

I appreciate the concern. We are in good hands now and the old hosting company is about to be shut down. We are on line with a new host.

Please Log in or Create an account to join the conversation.

Doug ;}
MMSI: 338068776
"Go Aweigh to" Photos < click on red letters... 2001 Bayliner 2452 w/6.2 HO (paid for)


[SIGPIC][/SIGPIC]

Sunday Hacking 30 Sep 2013 19:00 #19

  • Scott
  • Scott's Avatar
  • Offline
  • Premium Member
  • Premium Member
  • Posts: 254
  • Thank you received: 16
They must have gotten email addresses because I have received a lot of spam since the break-in, only to the email address that I use here. I just delete it unread. Don't open any of it, especially attachments, if any of you receive this junk.

Please Log in or Create an account to join the conversation.

Scott
Simply Hawaiian
1986 3870
MMSI: 338119843

Sunday Hacking 30 Sep 2013 19:39 #20

  • Pete2052
  • Pete2052's Avatar
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 77
  • Thank you received: 0
Yep, I got a shed load of spam when it happened a few weeks ago.

So why is the BOC forum so vulnerable?........I'm a member of many forums and never had a problem, let alone twice in a few weeks!

Not a criticism, just interested why.

Regards

Pete

Please Log in or Create an account to join the conversation.

Sunday Hacking 30 Sep 2013 20:14 #21

  • Mileskb
  • Mileskb's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 1220
  • Thank you received: 47

Pete2052;812674 wrote: Yep, I got a shed load of spam when it happened a few weeks ago.

So why is the BOC forum so vulnerable?........I'm a member of many forums and never had a problem, let alone twice in a few weeks!

Not a criticism, just interested why.

Regards

Pete



From other threads it seems the problem was more to do with the host company (ISP) than the BOC itself. They are in the process of moving from that host, but communication and reliability is an issue, but they are working through it.

Please Log in or Create an account to join the conversation.

Aquatic Muse
Mount Vernon, WA
MMSI: 367498870
'79 Bayliner Santiago w/ Mercruiser 470 power and drive

Sunday Hacking 30 Sep 2013 20:29 #22

  • Mileskb
  • Mileskb's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 1220
  • Thank you received: 47

Pete2052;812674 wrote: Yep, I got a shed load of spam when it happened a few weeks ago.

So why is the BOC forum so vulnerable?........I'm a member of many forums and never had a problem, let alone twice in a few weeks!

Not a criticism, just interested why.

Regards

Pete



From other threads it seems the problem was more to do with the host company (ISP) than the BOC itself. They are in the process of moving from that host, but communication and reliability is an issue, but they are working through it.

Please Log in or Create an account to join the conversation.

Aquatic Muse
Mount Vernon, WA
MMSI: 367498870
'79 Bayliner Santiago w/ Mercruiser 470 power and drive

Sunday Hacking 30 Sep 2013 22:26 #23

  • Go Aweigh2452
  • Go Aweigh2452's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Olalla, WA
  • Posts: 8013
  • Thank you received: 534
Weird that some are getting emailed spammed by the hackers when my email is all over BOC and I don't get any more then the normal "slut" or drug stuff...

FWIW, we had two different attacks. One is just the splash page by a teen who's hobby is to do such stuff and the other is a serious breach that takes place on a server... They just happen to be one after the other. We have been maintaining security updates. VBulletin has had a serious breach and their response until they figure out what happen is to delete the install.php files in our websites. We were far from the only ones that got taken down last week coincidentally on 9/11...

The teen hacker is here: http://www.hack-db.com/hacker/sultan_brain/all.html It is a game to them. You can see they only got to the splash page but if you do not know how to get to the forum, then you get locked out...

In any case, we are hard at work trying to get up to speed with the new site. The new host is tremendous. Longest response tome to questions has been 15 mins with less then 5 being the norm and we get access to almost everything.

Out new host is www.siteground.com and we will have our site hosted in the "cloud"... There are a lot of good features the new host provides and I think we will be very happy (at least on the Admin side)...

To give you a reference on how f'ed up the old host is... I wanted to change my password for the initial host log in but the site does not allow me to do so because it only accepts certain characters in the password. I have a password that apparently does not conform to their alphabet and it does not allow me to change it. I put in a ticket yesterday to send me a link to auto change my PW like we do here for members that forget their PW... our system sends a new link to that member within a few seconds. I have waited now two days... In the mean time, a hacker may have gotten my old PW and maybe the guy doing this splash page stuff. because I have no access to what the 'new' old PW is, I can't make changes... So, bottom line, we are frustrated with what we are trying to do for BOC and are working hard to get everything in order before we publish.

We should be ready in just hours but I want to hold off a bit and go through the entire site that Dave Crowder is working on before allowing everyone access. Once it is cleared and ready for prime time, you will all get an email as to where to go for the new BOC and you will make up a new PW (or use your original BOC PW, I don't care. We do not see your PW's...

So that is where we are at at this moment... Believe me, we are working hard to get er up... hang in there and have faith...

Please Log in or Create an account to join the conversation.

Doug ;}
MMSI: 338068776
"Go Aweigh to" Photos < click on red letters... 2001 Bayliner 2452 w/6.2 HO (paid for)


[SIGPIC][/SIGPIC]

Sunday Hacking 30 Sep 2013 23:28 #24

  • Saintjon
  • Saintjon's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 1762
  • Thank you received: 54

Four Pyrates;809794 wrote: Ed, It is a crime to confess to a crime that you have no idea how to commit. :90.gif


Obama Supporters, that's why.:90.gif

Please Log in or Create an account to join the conversation.

46' 1991 Holiday Mansion
1998 Chaparral 2835 SS Limited Edition
“The truth is,eveyone is going to hurt you.You just have to find the one worth suffering for.”
― Bob Marley

Sunday Hacking 30 Sep 2013 23:29 #25

  • Saintjon
  • Saintjon's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 1762
  • Thank you received: 54

JimMc;809797 wrote: Hacking a chat forum just to bring it down ? Why ?

I would think there would be better things to do if you have those skills. Legal things to do.


Obama Supporters, that's why.:90.gif

Please Log in or Create an account to join the conversation.

46' 1991 Holiday Mansion
1998 Chaparral 2835 SS Limited Edition
“The truth is,eveyone is going to hurt you.You just have to find the one worth suffering for.”
― Bob Marley
  • Page:
  • 1
Moderators: whiskywizarditsabowtime2
Time to create page: 0.150 seconds
Powered by Kunena Forum