singapore: the smallest big galery
home » forum » News Archive » get a life...

You are not logged in.

#1 2004-12-10 02:24:36

tamlyn
Lead Developer

get a life...

Some idiots decided it would be fun to exploit a recently discovered vulnerability in phpBB (our forum software) to play around with this website. On the whole not much damage was done as the attackers only had access to the world writable areas of the server however all post attachments and avatars have been lost. phpBB has been upgraded and there should be no further problems.

Offline

 

#2 2004-12-10 02:31:05

tamlyn
Lead Developer

Re: get a life...

Maybe I'm taking this too personally but it makes me feel slightly sick that these individuals chose to attack an open source project that has not done ANYTHING to anyone EVER. As if I haven't got better things to do than spend the day reviewing, patching and upgrading everything.

I even considered packing the whole thing in but in the end decided I shouldn't let it get to me.

This may be a little innappropriate but I feel the need to say it somewhere:

Hey you.
Fu*k you.
F*ck your friends and
(optionally) your family.
Fu*k your box
(oooh, getting personal now).
F*ck your miserable existence.
Fu*k you.


On a lighter note singapore 0.9.11 is just around the corner and should be released within the next 7 days. It features a few bug fixes of its own, a new install & uninstall process and fully functional easy MySQL and SQLite backends! Check out the CVS version if you can't wait...

Offline

 

#3 2004-12-10 03:27:58

hcgtv
Member

Re: get a life...

I wouldn't let it get to you, it happens all the time.

That's why I backup every night and I have a backup server just in case.

What's sad to say is that it's going to get worse, before it gets worse smile


[url=http://bertgarcia.com]Bert Garcia[/url],  Use the Source: [url=http://phpxref.com]PHPXref[/url]

Offline

 

#4 2004-12-10 14:42:17

tamlyn
Lead Developer

Re: get a life...

Yeah I know. I just needed to shout a little wink

I appreciate that it's a thrill to gain unauthorised access to things and that hacking a big corporate company may give the attacker an anarchic sense of fighting the establishment. But an open source project?! Surely in the spirit of open source it would be better to (as has previously happened) alert the site admin of the vulnerability without actually doing any damage...

Offline

 

#5 2004-12-11 22:03:01

chris52389
Member

Re: get a life...

That sucks. Do you have the attacker's IP or any other information on the attacker? :twisted:
But seriously, attacking a project as innocent as singapore (not like its SCO or something) is really low.

Offline

 

#6 2004-12-12 21:10:03

hcgtv
Member

Re: get a life...

Just to make you feel better, Nucleus blogs got hit by comment spam starting early Saturday morning.

One of our developers adapted a plugin from Pivot to blacklist certain urls included in comments.

All is back to normal now but it was tense there for a few hours.


[url=http://bertgarcia.com]Bert Garcia[/url],  Use the Source: [url=http://phpxref.com]PHPXref[/url]

Offline

 

#7 2005-04-22 08:19:39

Guest
Guest

Re: get a life...

How can someone attack a site with a giant flower on it?   big_smile

I'm new.  Trying out Mambo.. I really struggle getting my own design "around" Mambo.  Or is it the other way around?  Anyways, you have a nice design here.  It's one of the few of these CMS sites that actually look good and clear.

Here's wishing those hackers get diarhea in 5'oclock traffic after 2 bowls of brain cerial.   :mrgreen: