Jump to content

If you're on Assfault Junkies, change your password here immediately


Casper

Recommended Posts

If you're on Assfault Junkies, and you use the same password here, change your password here on Ohio Riders immediately. Their user database table has been posted publicly online.

I sent Brandon a message to let him know. He's having his web guy look into it. But if you're a member on there and here, please change your password here immediately.

Edited by Casper
fixed, only have to change your password if they're the same on both sites
Link to comment
Share on other sites

how'd this happen, and how did you find out?

Looks like a shell was uploaded somehow. Shells give them full access to the database.

I found it by a complete fluke searching on Google. I always check user registration emails to make sure they aren't obvious spam. The first thing that came up was the dump. First thing I did was shoot Brandon a message. The next thing I did was search for OR dumps. LOL

Link to comment
Share on other sites

from one of the board members that handle the back end of it, the passwords should still be secure since they are... hashed? i dunno, the explanation made sense, but he said to change the password if it makes you feel better. i just went ahead and changed it.

Link to comment
Share on other sites

from one of the board members that handle the back end of it, the passwords should still be secure since they are... hashed? i dunno, the explanation made sense, but he said to change the password if it makes you feel better. i just went ahead and changed it.

Right.

Our PW's "should" look something like:

0xC23413A8A1E7665fAAD3B435B51404EE

I have access to all the back-end but haven't taken a look myself.

Link to comment
Share on other sites

from one of the board members that handle the back end of it, the passwords should still be secure since they are... hashed? i dunno, the explanation made sense, but he said to change the password if it makes you feel better. i just went ahead and changed it.
Right.

Our PW's "should" look something like:

0xC23413A8A1E7665fAAD3B435B51404EE

I have access to all the back-end but haven't taken a look myself.

:lol:

Change them. Trust me. It's just a salted MD5 hash. If you don't believe me, just Google for something like decrypt md5. If there was a safe password encryption that nobody could crack, then sites, businesses, banks, etc wouldn't get hacked.

Link to comment
Share on other sites

wow.

do you get the impression this is a directed/malicious attack on that site specifically, or just people snooping around for any viable targets?

I'm guessing here, but if I had to bet I'd say the shell was embeded in a skin. They're using a premium skin from Skinbox. The top two likely choices are they downloaded the skin from an unsafe source (IE: Not a legit copy) and that source embed the shell in it, or it ended up in the style somehow else. These are not targeted attacks. Generally, they get the shell out to as many sites as possible. Then they can Google for a phrase in the shell, or possibly have a callhome function in the shell to locate the sites infected.

Link to comment
Share on other sites

:lol:

Change them. Trust me. It's just a salted MD5 hash. If you don't believe me, just Google for something like decrypt md5. If there was a safe password encryption that nobody could crack, then sites, businesses, banks, etc wouldn't get hacked.

Meh.

If I start randomly posting crazy stuff on here.. I SWEAR it's the hacker!

Link to comment
Share on other sites

casper do you have the URL where you originally saw this?
Yes, but no I won't share it. Brandon has it. If he wants to share it he can.
Meh.

If I start randomly posting crazy stuff on here.. I SWEAR it's the hacker!

And I swear I'll ban your account. :D
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...