The official news on the forums being hacked

Ramius

As many of you will have realized, the Penny-Arcade forums were down for a number of hours today.

For those of you who care about the details, I've been told the exploit originated at another site on the cluster. I was concerned that there was an as-yet-unannounced phpBB exploit which is what prompted me to take the forums down despite the fact that the only thing missing was the index.php file.

Interestingly, it is due to penny-arcade still using the legacy .php3 (rather than .php) notation on it's front page that kept that from being overwritten as well.

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

Legacy

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

switchstance

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

Agreed. I'm just glad to have it back.

the cheat

i'm sure someone has a screenshot of it laying around.

Thandor

Legacy wrote:

The font is either too big, or bolded...something like that.

Aye

Barcardi

i do... give me a minute here

edit: this is before the haxors or whatever own you thing

thedude_frombaywatch

Thanks a lot. We all appreciate it!

Ledneh

I think there was blank space between the headers--"Chat, chat, chat it up" was separated more from the last Public forum, "It came from Linksville!"

Or something like that. :?

Rivulent

Sucks ;(.

Snowcone

switchstance wrote:

Agreed. I'm just glad to have it back.

Word.

Orthanc

I think the fonts are wrong.

But thanks for fixing all this up, if you have any more details as to exactly how they got in I'd be interested.

Well I'm off to my webserver
find / -name *.php -exec sed -e "s/php/php3/g" {} \> {}3

Legacy

There we go.

Perfect.

Wally

Fucking right on! We are back in business. You the man, Ramius. :^:

Ramius

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

Legacy

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

Yeah. Looks exactly how it should now. Awesome.

Orthanc

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

Barcardi

http://a.1asphost.com/barcardi/pamexican.JPG

for anyone that is interested

futility

Orthanc wrote:

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

hooray!

Orthanc

futility wrote:

Orthanc wrote:

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

hooray!

Yep, now if someone's got a ladder we can get them down

Dog

Barcardi wrote:

http://a.1asphost.com/barcardi/pamexican.JPG

for anyone that is interested

Pssst... That's Portuguese, my bubbly friend.

futility

Orthanc wrote:

futility wrote:

Orthanc wrote:

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

hooray!

Yep, now if someone's got a ladder we can get them down

booo!!!

Ramius

futility wrote:

Orthanc wrote:

futility wrote:

Orthanc wrote:

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

hooray!

Yep, now if someone's got a ladder we can get them down

booo!!!

I hope you are not boo'ing the joke, because I thought it was pretty funny.

Artoria

How to deal with the hackers! I say we Nuke their IPs

Legacy

dragonsama wrote:

As for how to deal with the hackers We can always Nuke their IPs

How about we E-MAIL BOMB 'EM?! KEKEKEKEKE ^_^!

Wally

It's time for them to reap the whirlwind.

Dynagrip

Oh hey, the last post times aren't updating quite right on the index page.

Deusfaux

Ramius, if someone can hack the forums, can they see my username and password? That bugs me.

Orthanc

Deusfaux wrote:

Ramius, if someone can hack the forums, can they see my username and password? That bugs me.

Assmuming phpBB takes the standard precautions, they couldn't have seen your password. The password is normally encrypted in such a way that you can check it is correct, but you can't get the origional password back.

futility

Ramius wrote:

futility wrote:

Orthanc wrote:

futility wrote:

Orthanc wrote:

Ramius wrote:

Legacy wrote:

Ramius wrote:

There may be some quirks with the index page because it may be missing some recent changes. It looks "off" to me, but I'm not sure what about it looks wrong yet. I didn't do much to that file, though, so it shouldn't be anything terrible to fix.

The font is either too big, or bolded...something like that.

now does it look right?

I think it was the stacked "last post" that was throwing it off the most.

back to normal :^:

drinks are on the house

hooray!

Yep, now if someone's got a ladder we can get them down

booo!!!

I hope you are not boo'ing the joke, because I thought it was pretty funny.

no sir... the lack of ladders

BesigedB

Deusfaux wrote:

Ramius, if someone can hack the forums, can they see my username and password? That bugs me.

password is md5d in the database. only way to break it is to brute force it against an md5 dictionary

Anatole

dragonsama wrote:

How to deal with the hackers! I say we Nuke their IPs

Great idea! I know if I'm a hacker taking on one of the most visible and high-traffic websites on the Internet, I do the hacking from my home computer, using an ISP that has my personal billing information.

Starfuck

Anatole wrote:

dragonsama wrote:

How to deal with the hackers! I say we Nuke their IPs

Great idea! I know if I'm a hacker taking on one of the most visible and high-traffic websites on the Internet, I do the hacking from my home computer, using an ISP that has my personal billing information.

It was you wasn't it?

Stupid Mr Whoopsie Name

They're close but not quite back to normal. Ramius used to have a gap between each of the major Forums.

I've looked but I don't seem to have an old screencap of it anymore, but if what I'm saying is truly confusing I could easily PS one to explain better.

Paladin

Drat it. I decide to leave and Deputy Modship goes up, Ramius place becomes active, the chatlog gets unlocked, and now the forum is hacked.

I'm an emblem of mediocrity, as long as I'm here nothing exciting will happen.

By the way, Ramius's Place is my favorite forum.

Cilla Black

I tried to go ask the details of what happened on TTB, but I couldn't register. Didn't get the e-mail, and it was to my address.

That was 11:39 this morning, eastern. I still don't have it and I tried to re-send it three times.

I don't think TTB likes me.

Anyway, look at it this way. If nothing interesting like this happened, the day might get pretty dull. Nothing is quite as much fun without a quirk every now and then.

Munkus Beaver

Mr Elliotto wrote:

They're close but not quite back to normal. Ramius used to have a gap between each of the major Forums.

I've looked but I don't seem to have an old screencap of it anymore, but if what I'm saying is truly confusing I could easily PS one to explain better.

i have a screenshot of how they 'used to be'

i just got on so i haven't looked careefully at anything.

i can post if you want

Gorak

I heard it was a Brazillian group of kids called Hax0rs lab (not exactly creative). Apparently they were celebrating their 1000th hacked site by trying to simultaneously hack another 1000.

While they were doing this a guy called CarderBR decided to put the smack down by hacking their site (hax0rslab.org) and it's still down.

Instant karma.

C Note

Divine justice.

Orthanc

he he he

LeaveMeAlone

If I would attack a site like PA, I would try from a WiFi hotspot, then replace the NIC afterward. Don't know if WiFi registers MAC addresses though. Hacking seemed exciting awhile back in highschool, but it's a waste of time and effort now.


good 'ol 139 port.

FyreWulff

Were PMs affected in any way, Ramius? I believe I sent you a PM before it happened, and I haven't seen a response to it, so I wonder if it got lost.