04-01-2005, 02:10 AM   #1
facialfreak
*** PHPBB board owners : HACKER ALERT ***

If you run a PHPBB forum, be on the watch for a user called "avanluxxia" or "avanluxia"

known emails so far :

[email protected]
[email protected]
[email protected]

If you go to ALIENFAKE.COM you will see mister Wang has been playing with some kind of a hacking script that targets PHPBB boards. He signed up several times for my board today, but luckily I have been revamping and improving my board, and happened to catch him!

Alienfake.com was registered 3 days ago, so it was not an existing board that got hacked, but rather a TESTING GROUND for whatever malicious scripts MR CHURDY WANG has been developing.

I have disabled user activations now, so anybody attempting to join my forum will have to be approved by me first. I am sorry for this inconvenience, but it is a necessary action. I have also banned all webmail accounts, and blacklisted his IP.

If you run a PHPBB, take a second to secure it the best you can from this guy!
Last edited by facialfreak; 04-01-2005 at 02:12 AM.

04-01-2005, 02:16 AM   #2
facialfreak
HOLY SHIT !!!

It appears CHARDY WANG aka AVANLUXIA has registered at more than 500 PHPBB boards !!! Looks like he planned/plans on taking them ALL down !!!!

http://www.google.com/search?q=avanluxia

04-01-2005, 02:27 AM   #3
facialfreak
All registrations appear to be within the past couple days too!

something really big is going on here
Maybe I need to phone the authorities in Singapore and have them visit this guy?!?

I hope police in Singapore speak English

A lot of people's hard work and efforts are at stake here!

04-01-2005, 02:35 AM   #4
Love Brokers
Quote:
Originally Posted by facialfreak
All registrations appear to be within the past couple days too!

something really big is going on here
Maybe I need to phone the authorities in Singapore and have them visit this guy?!?

I hope police in Singapore speak English

A lot of people's hard work and efforts are at stake here!
You bet your ass they speakin zee Englich in Singapoor.

04-01-2005, 02:35 AM   #5
jonpotz
are you guys using phpBB 2.0.11?

i didn't see anything abnormal, but i changed my registration admin to be safe.

what tha deal?

04-01-2005, 02:39 AM   #6
facialfreak
Upon more digging, I found his hacker name is YUDHAX, and his tag line is MAKE LOVE NOT W@R ... he has already hacked/defaced several boards

http://www.google.com/search?q=YudhaX

another known email address is [email protected]

04-01-2005, 02:43 AM   #7
xclusive
oh this could be big

04-01-2005, 02:57 AM   #8
SmokeyTheBear
This is an old exploit on unpatched boards. I can tell you the exact line to patch if you're not upgraded.

04-01-2005, 02:59 AM   #9
SmokeyTheBear
phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to release a new version in such a short period of time.
Fortunately both fixes are easy and in each case just one line needs to be edited.

The first issue is critical (session handling allowing everyone gaining administrator rights) and we urge you to fix it on your forums as soon as possible:

Open includes/sessions.php

Find:
Code:
if( $sessiondata['autologinid'] == $auto_login_key )

Replace with:
Code:
if( $sessiondata['autologinid'] === $auto_login_key )



A second minor issue reported to bugtraq several days ago was the path disclosure bug in viewtopic.php which got fixed by applying the following steps:

Open viewtopic.php

Find:
Code:
$message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));

Replace with:
Code:
$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
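
The sessions.php fix quoted above swaps PHP's loose comparison (==) for the strict one (===). The following is an added example, not part of the original post and not phpBB code, showing why that matters: == converts operand types before comparing, so a non-string value can match a stored key it does not equal. The function names and key values are constructed for illustration, and the hardened variant goes beyond what the announcement describes.

```php
<?php
// Added example, not phpBB code. $stored stands in for a server-side
// auto-login key; both key values below are constructed sample data.
$stored = 'a1b2c3d4e5f60718293a4b5c6d7e8f90';

// Loose check: the shape of the line before the fix.
// PHP converts the operands to a common type before comparing.
function key_matches_loose($supplied, string $stored): bool
{
    return $supplied == $stored;
}

// Strict check: the shape of the line after the fix.
// Both type and value must match, so only an identical string passes.
function key_matches_strict($supplied, string $stored): bool
{
    return $supplied === $stored;
}

// Hardened variant (an addition beyond the page): reject non-strings
// outright, then compare in constant time with hash_equals().
function key_matches_hardened($supplied, string $stored): bool
{
    return is_string($supplied) && hash_equals($stored, $supplied);
}

// Constructed inputs: the right key, a wrong key, and a value of the
// wrong type, as can appear when the data was deserialized from
// client-controlled input instead of being read as a plain string.
$cases = [
    'correct key (string)' => $stored,
    'wrong key (string)'   => 'ffffffffffffffffffffffffffffffff',
    'boolean true'         => true,
];

foreach ($cases as $label => $supplied) {
    printf(
        "%-22s loose=%-5s strict=%-5s hardened=%s\n",
        $label,
        var_export(key_matches_loose($supplied, $stored), true),
        var_export(key_matches_strict($supplied, $stored), true),
        var_export(key_matches_hardened($supplied, $stored), true)
    );
}
```

Only the loose check accepts the boolean; when auditing other code for the same pattern, look for == or != applied to tokens, hashes or session identifiers.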

04-01-2005, 03:00 AM   #10
facialfreak
I am not sure if I am or not STB, as my PHPBB is supplied by my host.

could you please post it here, or email me ff AT gamarays DOT com

Thank you

04-01-2005, 03:01 AM   #11
facialfreak
ok ... Singapore police number right from their website is 6 353 0000

is 6 the country code?
Does somebody know the proper dialing instructions for Singapore?

04-01-2005, 03:02 AM   #12
facialfreak
thanks STB!

04-01-2005, 03:02 AM   #13
SmokeyTheBear
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=267563

04-01-2005, 03:03 AM   #14
SmokeyTheBear
Quote:
Originally Posted by facialfreak
ok ... Singapore police number right from their website is 6 353 0000

is 6 the country code?
Does somebody know the proper dialing instructions for Singapore?
it would usually be something like 011-6-353-0000

try this
http://www.ustreas.gov/usss/net_intrusion_forms.shtml

04-01-2005, 03:04 AM   #15
SMG
churdy wang ... sounds kinda like what "dirty wang" would be like if it was said by someone with shit in his mouth

04-01-2005, 03:15 AM   #16
theFeTiShLaDy
posting this here facialfreak alerts all the board owners.

so to all board owners better to do some actions now before it's too late.

04-01-2005, 03:18 AM   #17
facialfreak
Quote:
Originally Posted by theFeTiShLaDy
posting this here facialfreak alerts all the board owners.

so to all board owners better to do some actions now before it's too late.
I agree!

But with this much damning info on him, I think the local Singapore constabulary should pay Mr Dirty Wang a visit ...