Issues at coasters2k

Post March 17th, 2010, 5:53 am

Posts: 277
Points on hand: 77.00 Points
If you guys haven't noticed, there's a spam bot plaguing Coasters2k at the moment. He has already hacked both my and TC's account there. If you guys could have a look and suggest some potential solutions that will be great. The hacker is currently hosting Six Flags Fiesta's account.[V]

Post March 17th, 2010, 8:56 am

Posts: 4357
Points on hand: 5,766.00 Points
Location: Cannock, West Midlands, United Kingdom

that's cus it is sixflagsfiesta

shame on you mikey[:D]
Making screams come true

Post March 17th, 2010, 12:00 pm
Mikey
Site Admin

Posts: 1598
Points on hand: 6,054.50 Points
Location: Houston, Texas

I closed my account on C2K when I gave up my controlling interest to TConwell. I think it's showing up my name because I am the user #1, and that's what will show up if you inject SQL.

Post March 17th, 2010, 12:07 pm
Oscar
Founding Member

Posts: 14408
Points on hand: 11,938.60 Points
Bank: 187,052.60 Points
Location: California, USA

Yeah, SQL injection = unsanitized coding somewhere. He can delete everything, load a backup and load a backup db but that means it will only happen again since the exploit is still there.
Paradox wrote:
No need to tell Oscar about the problems. He is magic.

Post March 20th, 2010, 1:52 pm

Posts: 5626
Points on hand: 5,993.00 Points
Location: Millbrook, Alabama, USA

Yup. I've been trying to figure out what's up and have messaged the Snitz folks. Oscar, as info for you, we even reloaded the forums from SCRATCH and still it exists. Gotta be a SQL injection somewhere (I agree) ... but where is most definitely the question. We've been keeping up with updates, etc., -- but yeah, this is an issue for the experts.
Sometimes the best thing to say is nothing at all.

Post March 20th, 2010, 4:05 pm
Oscar
Founding Member

Posts: 14408
Points on hand: 11,938.60 Points
Bank: 187,052.60 Points
Location: California, USA

Check the track exchange or other custom coding you have.
Paradox wrote:
No need to tell Oscar about the problems. He is magic.

Post March 20th, 2010, 5:18 pm

Posts: 4357
Points on hand: 5,766.00 Points
Location: Cannock, West Midlands, United Kingdom

Originally posted by TConwell

this is an issue for the "experts".


I hope you use that word lightly [blah]
Making screams come true

Post March 20th, 2010, 5:32 pm
Mikey
Site Admin

Posts: 1598
Points on hand: 6,054.50 Points
Location: Houston, Texas


Post March 20th, 2010, 5:52 pm

Posts: 4357
Points on hand: 5,766.00 Points
Location: Cannock, West Midlands, United Kingdom

now everyone get this mind blowing picture of mikey having her in the shower.

great isn't it
Making screams come true

Post March 23rd, 2010, 6:35 am

Posts: 5626
Points on hand: 5,993.00 Points
Location: Millbrook, Alabama, USA

[lol]!
Sometimes the best thing to say is nothing at all.

Post March 31st, 2010, 12:28 am

Posts: 253
Points on hand: 2,588.00 Points
Location: Berkeley, CA, USA
Restore the db, lock all the tables relating to the user or security (anything with passwords or permissions information) then monitor the logs for access errors. You should be able to spot an error thrown from a routine that shouldn't be accessing those tables.

Man, Shaggy needs to ditch that 'stash. I'm hearing Shaggy but I'm seeing Lando Calrissian.
Be sure you're not looking in a mirror before you start pointing fingers.
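
The lock-and-watch approach from the last post, combined with the point that restoring a backup leaves the hole open, as an added example that is not part of the thread or of the Snitz code: an in-memory SQLite database and its authorizer hook stand in for the forum's database and table permissions, and every table name, routine and request below is constructed for illustration.

```python
import sqlite3

SENSITIVE = {"members"}        # tables to lock (hypothetical name)
MAY_TOUCH_MEMBERS = {"login"}  # routines expected to read them (hypothetical)

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE members(id INTEGER PRIMARY KEY, name TEXT, password TEXT);
        CREATE TABLE topics(id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO members VALUES (1, 'admin', 'constructed-hash');
        INSERT INTO topics VALUES (1, 'Trip report'), (2, 'New track');
    """)
    return db

def lock_sensitive(db):
    # Deny every column read on a locked table; SQLite then raises an access error.
    def authorizer(action, table, column, dbname, source):
        if action == sqlite3.SQLITE_READ and table in SENSITIVE:
            return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK
    db.set_authorizer(authorizer)

def login(db, name):
    return db.execute("SELECT id FROM members WHERE name = ?", (name,)).fetchall()

def search_topics(db, term):
    # Deliberately unsanitized: stands in for the suspect "custom coding".
    sql = "SELECT id, title FROM topics WHERE title LIKE '%" + term + "%'"
    return db.execute(sql).fetchall()

def search_topics_fixed(db, term):
    # Same query with a bound parameter: input stays data, never becomes SQL.
    sql = "SELECT id, title FROM topics WHERE title LIKE ?"
    return db.execute(sql, ("%" + term + "%",)).fetchall()

def audit(db, requests):
    """Replay requests; return access errors from routines that should never touch locked tables."""
    suspects = []
    for routine, arg in requests:
        try:
            routine(db, arg)
        except sqlite3.DatabaseError as exc:
            if routine.__name__ not in MAY_TOUCH_MEMBERS:
                suspects.append((routine.__name__, str(exc)))
    return suspects

def run():
    probe = "x' UNION SELECT id, password FROM members --"  # constructed input
    requests = [(login, "admin"), (search_topics, "track"),
                (search_topics, probe), (search_topics_fixed, probe)]
    db = make_db()
    lock_sensitive(db)
    return audit(db, requests)
```

Only `search_topics` shows up in the result: the login routine's denial is expected while the table is locked, and the parameterized version never reaches `members` at all.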

