What was the cause of the redirects?

  • (4 Pages)
  • +
  • 1
  • 2
  • 3
  • Last »

54 Replies - 12112 Views - Last Post: 13 August 2012 - 10:11 AM

#1 Skydiver  Icon User is offline

  • Code herder
  • member icon

Reputation: 3652
  • View blog
  • Posts: 11,421
  • Joined: 05-May 12

What was the cause of the redirects?

Posted 01 August 2012 - 01:16 PM

So what was the cause of the redirects?
Is This A Good Question/Topic? 0
  • +

Replies To: What was the cause of the redirects?

#2 Dogstopper  Icon User is offline

  • The Ninjaducky
  • member icon



Reputation: 2876
  • View blog
  • Posts: 11,050
  • Joined: 15-July 08

Re: What was the cause of the redirects?

Posted 01 August 2012 - 01:18 PM

It appears that we had a malicious malcontent who though it'd be funny to hack our site. I do believe it was a SQL injection even through IPB and with PreparedStatements. When I tlaked to Chris, he said the server guys found the problem, so whatever it was, let's hope we don't get it again.

However, we lost most, if not all of today's posts.
Was This Post Helpful? 4
  • +
  • -

#3 smohd  Icon User is offline

  • Critical Section
  • member icon


Reputation: 1820
  • View blog
  • Posts: 4,627
  • Joined: 14-March 10

Re: What was the cause of the redirects?

Posted 01 August 2012 - 01:42 PM

Still redirected when using my computer, I deleted all cookies and cleared cache but the same thing. Am I hacked also!?
Was This Post Helpful? 0
  • +
  • -

#4 no2pencil  Icon User is offline

  • Admiral Fancy Pants
  • member icon

Reputation: 5382
  • View blog
  • Posts: 27,350
  • Joined: 10-May 07

Re: What was the cause of the redirects?

Posted 01 August 2012 - 01:54 PM

*
POPULAR

View PostDogstopper, on 01 August 2012 - 04:18 PM, said:

However, we lost most, if not all of today's posts.

Great, so I have to re-troll an 11 year old girl.
Was This Post Helpful? 15
  • +
  • -

#5 Skydiver  Icon User is offline

  • Code herder
  • member icon

Reputation: 3652
  • View blog
  • Posts: 11,421
  • Joined: 05-May 12

Re: What was the cause of the redirects?

Posted 01 August 2012 - 01:57 PM

It was a server side hack. Your machine should be okay unless you got directed to that one page that seemed to want Javascript and was trying to force me to open a .pdf file. On a test machine, examining the .pdf seemed to show a corrupted file. Probably part of an exploit.
Was This Post Helpful? 0
  • +
  • -

#6 Kilorn  Icon User is offline

  • XNArchitect
  • member icon



Reputation: 1356
  • View blog
  • Posts: 3,528
  • Joined: 03-May 10

Re: What was the cause of the redirects?

Posted 01 August 2012 - 01:59 PM

I purposely checked out the redirect a couple of times on this work machine with a restore point from last night. Installed at least 1 trojan each time I let the re-directed page load. Fun stuff.
Was This Post Helpful? 0
  • +
  • -

#7 qwertyuu  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 60
  • Joined: 31-July 12

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:07 PM

Maybe it's... one of us?

Just kidding... Got the same problem myself. Cleaning the Firefox's cache made it work right away.

yay!
Was This Post Helpful? 0
  • +
  • -

#8 jared.deckard  Icon User is offline

  • New D.I.C Head

Reputation: 18
  • View blog
  • Posts: 46
  • Joined: 11-July 12

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:08 PM

I don't think they thought it was funny, they knew what they were doing.

Exploit Source: http://ideone.com/6Jm1u
Was This Post Helpful? 1
  • +
  • -

#9 BBeck  Icon User is offline

  • Here to help.
  • member icon


Reputation: 586
  • View blog
  • Posts: 1,306
  • Joined: 24-April 12

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:24 PM

View Postno2pencil, on 01 August 2012 - 02:54 PM, said:

View PostDogstopper, on 01 August 2012 - 04:18 PM, said:

However, we lost most, if not all of today's posts.

Great, so I have to re-troll an 11 year old girl.


Naw. I'll just let that one go. I think the concensus was that everyone thought I was wrong or at least blowing it out of proportion. So, I'll leave it at that. :-)

I did miss about half the posts on that thread though. I went to go do some other stuff and came back an hour later to a mail box full of notifications that people had posted. I deleted all of them in my email because I was going to the forum to read them. So, I went to the forum to read them and got diverted to a bunch of odd websites instead. So, I didn't get to read much after my last post.
Was This Post Helpful? 0
  • +
  • -

#10 smohd  Icon User is offline

  • Critical Section
  • member icon


Reputation: 1820
  • View blog
  • Posts: 4,627
  • Joined: 14-March 10

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:25 PM

Now it is fine...

Quote

However, we lost most, if not all of today's posts.

Not only posts but also PMs. This evening I got a chance to login without a redirect and saw I have new PM, but now it is gone and I havent read it- hope the sender will resend it. And also I see some threads missing replies which were there in the morning.
glad we are back in position now
Was This Post Helpful? 1
  • +
  • -

#11 Duckington  Icon User is offline

  • D.I.C Addict

Reputation: 170
  • View blog
  • Posts: 608
  • Joined: 12-October 09

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:25 PM

View PostDogstopper, on 01 August 2012 - 09:18 PM, said:

It appears that we had a malicious malcontent who though it'd be funny to hack our site. I do believe it was a SQL injection even through IPB and with PreparedStatements. When I tlaked to Chris, he said the server guys found the problem, so whatever it was, let's hope we don't get it again.

However, we lost most, if not all of today's posts.



I thought the whole point of prepared statements was that they seperated the instructions from the data, making it impossible to inject anything....
Was This Post Helpful? 0
  • +
  • -

#12 BBeck  Icon User is offline

  • Here to help.
  • member icon


Reputation: 586
  • View blog
  • Posts: 1,306
  • Joined: 24-April 12

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:28 PM

View Postsmohd, on 01 August 2012 - 03:25 PM, said:

Now it is fine...

Quote

However, we lost most, if not all of today's posts.

Not only posts but also PMs. This evening I got a chance to login without a redirect and saw I have new PM, but now it is gone and I havent read it- hope the sender will resend it. And also I see some threads missing replies which were there in the morning.
glad we are back in position now


I also got a "PM" that "disappeared". I think that was actually part of the attack. When I tried to open it during the attack it redirected me to another site. I tried it several times and that's all it did every time. So, there's a good chance that the PM wasn't real, but just part of the attack.

Unless, I also missed a PM. :-)
Was This Post Helpful? 0
  • +
  • -

#13 no2pencil  Icon User is offline

  • Admiral Fancy Pants
  • member icon

Reputation: 5382
  • View blog
  • Posts: 27,350
  • Joined: 10-May 07

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:28 PM

View Postsmohd, on 01 August 2012 - 05:25 PM, said:

Now it is fine...

Quote

However, we lost most, if not all of today's posts.

Not only posts but also PMs.

Not just posts, not just PMs, but I also created a snippet of jQuery using dynamic Twitter Bootstrap icons.
Was This Post Helpful? 0
  • +
  • -

#14 Mossypne  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 7
  • View blog
  • Posts: 133
  • Joined: 18-August 10

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:35 PM

Do a scan guys. I only redirected nothing loaded or anything but i've ran Malware Bytes and got 1 detected Item. It's still mid scan so i'm not sure if it's this yet but just in case.
Was This Post Helpful? 0
  • +
  • -

#15 atraub  Icon User is offline

  • Pythoneer
  • member icon

Reputation: 759
  • View blog
  • Posts: 2,010
  • Joined: 23-December 08

Re: What was the cause of the redirects?

Posted 01 August 2012 - 02:36 PM

View Postjared.deckard, on 01 August 2012 - 05:08 PM, said:

I don't think they thought it was funny, they knew what they were doing.

Exploit Source: http://ideone.com/6Jm1u

You really believe that someone would take down DIC on purpose? No... No this can't be true. Surely they did it as a joke that got out of hand. Never could they have dreamed that their little prank would keep us from using the site for a few hours AND lose a few posts. That would be... dare I say, "mean"? Someone, please explain to this young lad that no one on the internet is ever intentionally cruel, we're a tight nit group of peace loving activists who always get along.

Now that that's out of my system, let me explain. I know what will happen when I trip one of those fuckers wearing skate shoes... but I still find it hilarious. Case and Point: being malicious can be funny.


View PostMossypne, on 01 August 2012 - 05:35 PM, said:

Do a scan guys. I only redirected nothing loaded or anything but i've ran Malware Bytes and got 1 detected Item. It's still mid scan so i'm not sure if it's this yet but just in case.

Could be from other web related "activity." Everytime I checked I just got a sad nginx message.... It'd be a real trick if DIC didn't use Nginx,then I'd be entertained by all this.

This post has been edited by atraub: 01 August 2012 - 02:45 PM

Was This Post Helpful? 0
  • +
  • -

  • (4 Pages)
  • +
  • 1
  • 2
  • 3
  • Last »