Stopgap measures

[Sarg]

Yes Erk, but what I meant is: My post had an edit history, even though (I think) I didn't edit it before the attack. Is this possible at all? Or maybe I did edit it but don't remember doing so.

 

[Ceroscuro]

If it didn't have an edit history before the attack, it won't now. Unless, obviously, you've edited it since the attack.

 

[Erk]

You must have edited it and forgotten; you don't necessarily have to have changed it, just clicked edit and submit. That would create an entry in the edit log, which you used to retrieve the post.

 

[ChaosCarlos]

After I told a friend of mine about the attack on RMXP he pointed me towards something about Drubal.

GulfTech has discovered vulnerabilities in XML-RPC for PHP and PEAR XML_RPC, which implement web services using HTTP and the PHP scripting language. Flawed input validation in the parseRequest() function in XML RPC (remote procedure call) servers could allow an attacker to use single quote attributes to escape into the eval() function to execute arbitrary code. A number of popular web applications, such as PostNuke, Drupal, b2evolution, and TikiWiki, use PHPXMLRPC protocol, built on XML-RPC for PHP. A new version of PHPXMLRPC is available to fix the problem. The PEAR XML_RPC flaw resembles the PHPXMLRPC flaw, and is fixed by newly released version 1.3.1 of the software...

I know nothing about programing so this goes way over my head. Anyhoo if this helps in anyway to stop Mr Not-so-nice from returning and doing not-so-nice-things then whatever.

 

[Sarg]

You must have edited it and forgotten; you don't necessarily have to have changed it, just clicked edit and submit. That would create an entry in the edit log, which you used to retrieve the post.

Then I apologize Obviously I must have clicked edit instead of submit or something like that, enough to create that entry on the edit log. A pity that so many other messages got lost.

 

[Gameboy8661]

Wow, RMXP's story is truly an impressive read.

Not that the things that happened here were good, I was just saying.

 

[bluehazed]

yeah.. this is kinda ironic... but hey at least Erk and ccoa have all the messages cleared....
tho that was kinda disturbing..

 

[Taylor]

...oh my. This is crazy.

Isn't there someway to keep a history of backups or somthing? Incase it happens again? (which by hell better not ><)So if the most recent backup is screwed, you use a previous one.

 

[Erk]

Pretty much everyone posting, please read the topic before commenting. Generally that is considered a good first step to posting.

 

[Taylor]

Pretty much everyone posting, please read the topic before commenting. Generally that is considered a good first step to posting.

No, no. I did that.
I was meaning is it possible to set it so it can keep two recent backups or somthing like that? Incase a more recent one is screwed.

 

[Alexx]

Not trying to sound rude or anything... but what's the point in keeping backups if the backup system updates so frequently that even if something goes wrong, it will overwrite the "good" backup with the "screwed up" backup after things went wrong?

 

[Anonymous]

Read. The. Topic.

1. The backups were kept by the host.
2. They were given plenty of time to respond before the next scheduled backup, and failed to properly restore in time.
3. The timing of the backups is completely up to the host, but, once again, they were given more than enough time to do a restore.
4. The host knew about the hack, and did nothing to hurry matters or abort the scheduled backup.

 

[Daemon Raccoon]

I wonder who it was... (Damn them!!:rage: :rage: ) You'd have to have pretty low selfesteem and be emotionally unstable to try and ruin an entire forums just because someone flamed you. Sad so very sad.

 

[Doctor]

So, to sum everything up... you don't think you can fix this, is that it?

Well, what a bummer. In that case, will you delete the bad topics? I don't really see the point to having more than half the forum composed of "sorry, this post was hacked, bla bla bla".

 

[KaitLynn]

@Daemon Raccoon: As has been said many times... this is NOT the place for empty threats and insults to the hacker. Please dont clutter the thread anymore for those actually looking for more information about what happened.

@Flash: Give them time! Its been only a few days and I'm sure they're doing what they can. Over time, posts that have edits will be restored or fixed either by the script or by their owners. Meanwhile the "dead" threads that don't get restored will fall off the board to the bottom of the pile. Mods may choose to prune some larger posts of dead replies... but just give everyone time to react and pull together.

If I may add... I"m not seeing much more useful information from members here other than repeat information. I'd suggest closing this and adding to it if there is more information avaliable. As of now I'm seeing this as becoming more of a headache than its worth to ya'll to keep repeating yourself.

Anywho... my two cents ...

 

[Daemon Raccoon]

@Daemon Raccoon: As has been said many times... this is NOT the place for empty threats and insults to the hacker. Please dont clutter the thread anymore for those actually looking for more information about what happened.

I was just pondering the hacker's mindset and nothing more; I didn't intend for anything insulting or threatening to interperted from my post. ':| gomen nasai

 

[JD_Slasha]

O.O... What the hell? I left for like a freaking week and this all happened?! WOW...... ;.; my Game topic.. my poor, poor game topic ;.;..............

 

[Balian]

well, this is a nice way to come back from vacation... keep on top of this ccoa and erk i hope we find the hacker.

 

[Destined]

He did say something like 'ZOMG 1111!111 No oen said good things in my topic'. Did you have any idea of what topic it was he was on about? If so just find the creator of that topic.. There will be alot you's flame... So rather >_>

 

[Anonymous]

Hackers = lonely little spotty boys with nothing else to do but attempt to destroy a community of people. (seriously, why do people ever want to hack? It's so stupid!)