
3rd time is a charm?

Discussion in 'BlackHat Lounge' started by idk12, May 19, 2008.

  1. idk12

    idk12 Junior Member

    Joined:
    Mar 12, 2008
    Messages:
    166
    Likes Received:
    21
    seriously how many times (this is the third time by the same fucking group.) is BHW going to get hacked before we know how they are getting in?

    and how many times is BHW going to get hacked before we actually change some board software or take some kind of action to stop them?

    idk if it's just me but it really pisses me off when i see they are getting access to such info as the database so easily which has (ip, all posts, all topics pretty much everything except passwords are hashed so they can't use those.).... especially when they are selling it!

    Code:
    http://thel3vel.net/forums/index.php?topic=4981.msg20549#new
    can we please change something this time?

    just my opinion, i don't know if others agree or not.
     
  2. PixelMuse

    PixelMuse Newbie

    Joined:
    May 6, 2008
    Messages:
    12
    Likes Received:
    4
    I'm sort of shocked there is no information posted about this. As a user, I am seriously uncomfortable with the idea of those guys selling a database that includes user information. I was gone most of yesterday but did notice that BHW was down again. Did they seriously hack it AGAIN? If so I think it is fair to ask what is going to be done to finally secure the site and when it will happen?
     
    Last edited: May 19, 2008
  3. idk12

    idk12 Junior Member

    Joined:
    Mar 12, 2008
    Messages:
    166
    Likes Received:
    21
    yea there was another hack page up, so yea the same group did it for the third time. and the database being sold is the main reason why i posted this, the database has everyone's info.
     
  4. mentalist

    mentalist Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 23, 2008
    Messages:
    165
    Likes Received:
    71
    This exploit really needs to be patched up. TheL3vel cock knockers club are really getting tiresome with their super l33t hacking scripts!
     
  5. MaestroDelWeb

    MaestroDelWeb Executive VIP

    Joined:
    Nov 5, 2007
    Messages:
    815
    Likes Received:
    869
    Occupation:
    Jack of all trades.
    Location:
    USA
  6. Olly

    Olly Junior Member

    Joined:
    Jun 28, 2007
    Messages:
    153
    Likes Received:
    246
    Seriously, now they're selling the database? That's too far, something needs to be done, I know passwords have higher protection in vBulletin but they can still be cracked, there's a forum that cracks them for free for people. So there's that and god knows what else they have now they have the DB.

    Something definitely needs to be done.
     
  7. Mr Sandman

    Mr Sandman Guest

    WOW.....who here pissed them off like that?
     
  8. idk12

    idk12 Junior Member

    Joined:
    Mar 12, 2008
    Messages:
    166
    Likes Received:
    21
    who knows but obviously it's way too easy to hack this website. one post by diamond dave read "the host says that its not anything on the server (os. security scripts ect.) they are gaining access via the board software." if that is so why are we still on vbulletin?
     
  9. snowwhite

    snowwhite Power Member

    Joined:
    Feb 12, 2008
    Messages:
    730
    Likes Received:
    1,415
    Occupation:
    Psychiatrist
    Location:
    Las Islas Filipinas
    This isn't funny anymore! Where are the mods? We are talking about privacy and security here. Our info being sold on the market? Come on guys!

    And where is that guy who dared thel3vel, he said he would hack their site if they do it again to BHW. Why is their site still up then? I thought you were better as you claim to be?

    I'm really frustrated and sad about what is happening
    This forum is GOLD and should be protected the way swiss banks do

    We should really do something about it now

    I say we make the forum ALL private. All membership should be for invitation only like Demonoid

    watcha think?
     
  10. idk12

    idk12 Junior Member

    Joined:
    Mar 12, 2008
    Messages:
    166
    Likes Received:
    21
    i agree with invite only and private but i also think we should change the forum software to smf or phpbb.
     
  11. blanko

    blanko Power Member

    Joined:
    Mar 16, 2008
    Messages:
    588
    Likes Received:
    125

    I'd be game for that.
     
  12. buck

    buck Regular Member

    Joined:
    Apr 8, 2007
    Messages:
    218
    Likes Received:
    66
    phpbb would be less secure in my mind...i really don't think they are doing it through vbulletin exploits rather than server based exploits
     
  13. PixelMuse

    PixelMuse Newbie

    Joined:
    May 6, 2008
    Messages:
    12
    Likes Received:
    4
    I agree with idk12 and Snowwhite but invite / private won't keep them from making hack attempts if it's really what they want to do. The site MUST be locked down and made secure regardless of cost. This includes (but isn't limited to) new forum software, firewall security etc.
     
  14. idk12

    idk12 Junior Member

    Joined:
    Mar 12, 2008
    Messages:
    166
    Likes Received:
    21
    i don't think so either but diamond dave said the host said they were sure they weren't gaining access on the other server software side.

    as for forum security i believe it goes as follows:

    1. smf
    2. vbulletin
    3. phpbb
    4. ipb

    so i think we should switch to smf.
     
  15. booman

    booman Regular Member

    Joined:
    Mar 6, 2007
    Messages:
    478
    Likes Received:
    87
    Location:
    USA
    Not just the database, but also what is protected in the VIP sections!

    This forum could die quickly if this keeps happening and nothing drastic is done.
     
  16. Essential Clix

    Essential Clix Executive VIP Premium Member

    Joined:
    Jul 30, 2007
    Messages:
    1,755
    Likes Received:
    2,791
    Location:
    USA
    They said they retaliated because of something one of our members said in a thread just like this one. Childish, I know, but what can we do? I had spoken with one of the members of thel3vel (crzor) and had agreed that we would stop talking shit about thel3vel on this forum, but then that same day I see that they have our database up for sale on their website... What's the point of negotiating after that? That's just downright low.

    Making the forum private won't help. It's security flaws in vBulletin that are the culprit. This forum has tons of flaws. We're working on changing a LOT of things, hopefully later today.

    As for the database being sold, there isn't really anything that can be done. The guy lives in Egypt (supposedly), and I doubt they have any cybercrime hotlines over there... Best thing for you to do is change your password, and change your email and paypal passwords if they were the same.
     
  17. ky-ma

    ky-ma Newbie

    Joined:
    Mar 29, 2008
    Messages:
    19
    Likes Received:
    218
    I know nothing about hacking, but I am wondering, if the problem is with the board software, why have many other very popular boards using vbulletin never been hacked before?
     
  18. Diamond Damien

    Diamond Damien Owner BlackHatWorld Staff Member Jr. VIP

    Joined:
    Oct 27, 2005
    Messages:
    55,622
    Likes Received:
    12,439
    Home Page:
    I have been yelling and screaming at rackspace since 6PM last night. They really let me down. It took them 18+ hours to do a simple restore and get my site working again. I can't tell you how many reps and tickets I've made with them. The up time is very good, however their support is spotty, especially after the 9-5 work day. When the site was hacked before they kept telling me it was not the server but 3rd party software. After asking a lot of questions this time they finally decided to get off their butts and start investigating.

    "There have been over 150 attempts by the 74.59.112.94 ip address in recent weeks and this attacker leveraged a c100.php php "shell" to access resources on your server."

    I am investing some money in software firewall and also another service which costs $600 a year to protect the site from further attacks. I have also been busy contacting the FBI and their webhost. As soon as I learn more I will let everyone else know.
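
    An added example, not part of any post in this thread: a defender's triage of a web access log for the indicator the host reported (successful requests for `c100.php`), listing each client that reached it, its request volume, and the POST requests it made beforehand, which are where to start looking for the upload point. The log format, the sample lines, the addresses and the `/uploads/upload.php` path are constructed assumptions.

```python
import re
from collections import defaultdict

# Common/combined access-log format is assumed; adjust the pattern for your server.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
SHELL_NAMES = {"c100.php"}  # filename from the host's report quoted above

# Constructed sample lines; addresses are RFC 5737 documentation ranges and
# /uploads/upload.php is a hypothetical path, not something from the thread.
SAMPLE_LOG = """\
203.0.113.7 - - [17/May/2008:21:02:11 +0000] "GET /index.php HTTP/1.1" 200 5120
203.0.113.7 - - [17/May/2008:21:03:05 +0000] "POST /uploads/upload.php HTTP/1.1" 200 312
198.51.100.20 - - [17/May/2008:21:04:00 +0000] "GET /showthread.php?t=1 HTTP/1.1" 200 9001
203.0.113.7 - - [17/May/2008:21:05:40 +0000] "GET /uploads/c100.php HTTP/1.1" 200 20480
203.0.113.7 - - [17/May/2008:21:06:02 +0000] "GET /uploads/C100.php?x=1 HTTP/1.1" 200 18211
198.51.100.20 - - [17/May/2008:21:07:30 +0000] "GET /c100.php HTTP/1.1" 404 210
"""

def parse(log_text):
    """Yield one dict per log line that matches LINE_RE; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()

def is_shell_hit(rec, shell_names):
    """True when a known shell filename was served successfully (2xx)."""
    name = rec["path"].split("?", 1)[0].rsplit("/", 1)[-1].lower()
    return name in shell_names and rec["status"].startswith("2")

def triage(log_text, shell_names=SHELL_NAMES):
    """Per client IP that reached a shell: volume, first access, earlier POSTs."""
    by_ip = defaultdict(list)
    for rec in parse(log_text):
        by_ip[rec["ip"]].append(rec)
    report = {}
    for ip, recs in by_ip.items():
        hits = [i for i, r in enumerate(recs) if is_shell_hit(r, shell_names)]
        if not hits:
            continue
        report[ip] = {
            "total_requests": len(recs),
            "shell_hits": len(hits),
            "first_shell_access": recs[hits[0]]["ts"],
            # POSTs before the first shell access are candidates for the upload point
            "posts_before_shell": [r["path"] for r in recs[:hits[0]] if r["method"] == "POST"],
        }
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

    A 404 for the shell name, like the last sample line, is left out of the report because it shows probing rather than access; the file itself still has to be removed and the upload path closed.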
     
  19. Olly

    Olly Junior Member

    Joined:
    Jun 28, 2007
    Messages:
    153
    Likes Received:
    246
    Seems they're hacking via the server...?

    Same, I don't know anything about hacking but I know a lot about forum software, and if there are no addons being used now, and it seems BHW are using the latest software (if not it's been changed to make it seem like they are) then it must be via the server surely.
     
  20. PixelMuse

    PixelMuse Newbie

    Joined:
    May 6, 2008
    Messages:
    12
    Likes Received:
    4
    So how about changing the forum software to something like SMF or IPB? I know IPB isn't free but probably easily affordable from what this website brings in and SMF is free of any cost. You guys knew there was a security exploit in VB since the first or second time the site was hacked, how come the forum software has not been changed yet?

    Edit - I just read your post after posting this -- Thank you Diamond Dave!
     
    Last edited: May 19, 2008