
Pokemon Gaming Sphere = H@cked!

Status
Not open for further replies.

Chrono Cr@cker

New Member
Joined
Jul 7, 2005
Messages
115
Reaction score
0
I saw a thread in the Mihopa Admin Forum that Pokémon Sphere was hacked and I was shocked when I saw that my whole site was destroyed. Some hacker seems to have got in, most probably through Cutenews, and all my files are gone except the index.php, css and the cutenews folder. I wanted to enter my cutenews but my password has been changed, and when I view users.db.php, the pass is encrypted and I have no idea as to how I can decrypt it. The user has left a message "We have Hijacked this copy of Cutenews", leaving me more suspicious about his method of entry. Moreover, he has linked to http://hackthissite.org as his website and I am searching if there is an article related to Cutenews hacking there. StatCounter, which I recently installed, gives me useful information about who are the recent users who visited my website. To view it, go to http://pokedrome.com and click on the link at the bottom. Is there a way I can find out the hacker's IP address or any other clue as to his identity? Please help me over here!

And if you are the HACKER reading this, please, anonymously through a different IP or whatever, please tell me why you did this.

~ Chrono Cr@cker
 
You should ask for assistance from the hosting provider. They'd have all the logs you need.

Not that the IP address would help.

Though I am quite amazed to hear that CuteNews has such a profound vulnerability. Even only PokéFor was mildly damaged in a CuteNews-related exploit.

The reference to hackthissite.org is probably telling you to beef up on security know-how. I did their classic 15-part trail, which is quite effective in teaching the most common exploits in web-based attacks.
 
Zhen Lin said:
You should ask for assistance from the hosting provider. They'd have all the logs you need.

Not that the IP address would help.

Though I am quite amazed to hear that CuteNews has such a profound vulnerability. Even only PokéFor was mildly damaged in a CuteNews-related exploit.

The reference to hackthissite.org is probably telling you to beef up on security know-how. I did their classic 15-part trail, which is quite effective in teaching the most common exploits in web-based attacks.

IP Address surely wouldn't help as he probably used a Proxy Server or a service like http://silentsurf.com or hacked from another place. I'm shocked that CN has such a vulnerability but I have proof to believe that it was through CN that he entered my site.

~ CC
 
The logs will be useful in alerting you to any suspicious activity. You should try to retrieve the access and error logs before they are cycled.
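An added example, not part of the original thread: a minimal triage pass over a retrieved access log, listing per client IP the requests that fetched a `.db.php` data file directly or POSTed to a script under the news folder. The Apache "combined" log format, the `/cutenews/` paths and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Apache/NCSA "combined" format (assumed; the thread does not name the web server).
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines; IPs come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Jul/2005:09:12:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jul/2005:09:14:40 +0000] "GET /cutenews/data/users.db.php HTTP/1.1" 200 312 "-" "Mozilla/4.0"
203.0.113.9 - - [10/Jul/2005:09:15:02 +0000] "POST /cutenews/index.php HTTP/1.1" 200 2048 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Jul/2005:09:16:11 +0000] "GET /cutenews/show_news.php HTTP/1.1" 200 900 "-" "Mozilla/5.0"
not a log line
"""

def triage(log_text, folder="/cutenews/"):
    """Return {ip: [(timestamp, reason, path), ...]} for requests worth reviewing."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip truncated or malformed lines
        path = m["path"]
        if not path.lower().startswith(folder):
            continue  # only the news script's folder is of interest here
        file_part = path.split("?", 1)[0].lower()
        if file_part.endswith(".db.php") and m["status"].startswith("2"):
            reason = "data file served directly"
        elif m["method"] == "POST":
            reason = "POST to news script"
        else:
            continue  # ordinary page views are not flagged
        hits[m["ip"]].append((m["ts"], reason, path))
    return dict(hits)

if __name__ == "__main__":
    for ip, events in triage(SAMPLE_LOG).items():
        print(ip, len(events), "flagged request(s)")
        for ts, reason, path in events:
            print("   ", ts, reason, path)
```

Flagged POSTs include the site owner's own admin logins, so the output is a list to compare against known activity, not a verdict.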
 
Good idea and Cutenews guys accept they may have a security problem, so if anybody is using it, I suggest you change it.

~ CC
 
We don't know where it lies ;)

I have to say, that hack is really funny... and particularly unoriginal. Isn't it nice that I'm still using Coranto? :D
 
Coranto? Wow, that's a blast from the past. *Remembers when BMG still used NewsPro, which became Coranto*

If there's a vulnerability in CuteNews, I'd say we all have a fairly significant problem on our hands. PocketNews might be next on the hitlist, and I don't think any of us want to see our friends there go down.
 
Yeah, I think people should switch to phpnews or coranto, which are more safe than fusion news or cutenews.
 
CuteNews is perfectly safe as it is.

I didn't see the hacking, but I pity you CC.

It may be a server problem.


(As for your users.db.php, just do an MD5 on a password and then use the new MD5 in the password section of CuteNews)
 
Admittedly, this is mitigated somewhat by the fact that administrative access is required, but if an attacker has compromised an administrative account, they can use this to escalate their privileges.
Then it's CC's fault: He didn't have a secure enough password or whatnot.
 