POTENTIALLY A VERY LARGE SECURITY BREACH - Page 3

Ed Miller · #21 05-29-2006, 04:39 AM

Chuck, Mason, and I are discussing this. Someone, please try to create a post with a link in it. We've tried to disable that capability.

[censored] · #22 05-29-2006, 04:45 AM

does this work http://www.myspace.com/

how about this

Ed Miller · #23 05-29-2006, 05:41 AM

Forums brought back up.

Trying to make a post with a link.

Entity · #24 05-29-2006, 06:21 AM

KyleB is looking into the causes of the hacking and how widespread it might be on each infected user's systems right now. Look for updates in the Internet forum.

rt1 · #25 05-29-2006, 07:06 AM

The worst thing you guys can do with viruses like this is assume how things happen. Everything will spin out of control and thats how nasty rumors get started. We need to look at the facts of what happened.

Lets start here

Who got the virus?
What Browser/OS did they use?

Once we figure this out isolating should be a bit easier.

Ryan

Also I'd like to packet sniff any info sent between the client and this guys website... what is the url, I think I remember seeing something like edmiller.has.it ?

rt1 · #26 05-29-2006, 07:07 AM

line breaks dont work?

Mike Haven · #27 05-29-2006, 07:12 AM

Here's a post from the thread, after kyleb's conclusion, purportedly from Ryan11, but whose account has presumably been hacked, too:

":::yawn::: not bad, bud. Your output would look similar to so:

2006-05-29 12:16:07 AM - 24.22.162.154

Display Name: kyleb
MD5 Hash: 557f387ed69ed2f81ffd4263bd8002b5
E-mail: kyle.boddy@gmail.com
Login: kyleboddy
Session: w3t_myid=18077; w3t_key=fb0a4009e19343790134fbe71f1b28ee; PHPSESSID=fe8fe78dd5aa0fcd0b787cd892e42819; w3t_mysess=a529ea43c249fcbee9685c74d8baa9eb-

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3

Anyhow, these actions are the result of your moderator "jasonb" insulting me. I came to these forums legitimately to report a similar hole with pokerroom.com. The difference is that hole allowed access to dump peoples chips. I got banned for spam and called an idiot. That's rediculous.

Unfortunately, the structure of 2p2 is very poor and it is suseptible to a lot of manipulation. The admins have no technical knowledge and basically you are all vuln. If the admins give an apology for the mods conduct, I'll dissapear. If not, well then I guess we'll just have to see what happens next, won't we?

Much Love,
splices"

Dynasty · #28 05-29-2006, 07:20 AM

Quote:

line breaks dont work?

Nope.

Lloyd · #29 05-29-2006, 07:33 AM

He's essentially blackmailing 2+2. Apologize within the next half hour or things will get "ugly". I'd highly suggest discussing this with a security expert immediately, I guess kyle if necessary, and perhaps even consider taking the site offline until resolved. There could be huge liability to 2+2 if they fail to act after being warned like this. Yeah, it's giving in to some jerk but that's better than the alternative IMO.

rt1 · #30 05-29-2006, 07:35 AM

mike, i see in the zoo you edited out kyles post with the code. you could post it here?

thanks,
Ryan