new account
list users
Map DB
Map Access
New map
Edit map

Back to mainpage
BWMN got hacked - but we were lucky06 of August 2006 09:00 AM
Posted by:panschk[FP]

Good sunday morning everyone :]

Someone (I really don't know who would be evil enough to do something like that) deleted all entries to our beloved map database last night.

I really thought all the work we put into this in the last months dissapear from the face of the earth in a few secounds, as I did not do a backup in half a year. I got lucky though, as the great people from my webhoster make backups regulary and were able to put the backup back up (^^). The backup is from friday afternoon, so not too much is lost.

I do not know (yet) what technique the person who did that used, I did not see how it is possible to abuse the scripts on the page to mass delete, so it is possible the hacker somehow got the password to the mysql-Admin area. This password is changed, plus all user-passwords are stored encrypted now in the DB, at least it should not be possible for a hacker to get your personal passwords. You might get "wrong password" messages here and there because of this, please tell me so that I can fix.

Actually I might just do a few updates today and tomorrow, make sure you'll let me know, tuesday I'll be back to my lazy self ;D

Thanks to everyone who supported me.
Thanks again to my great web hoster, I can really recommend them, at least if you speak german ;)

It might help you to get out how all this was done and to prevent it in the future:

At first, the News and Competition sections seemed corrupted. The hacker then was able to delete single maps and the articles section may have been down right from the start.
He then continued a little on the news section and deleted some more maps. And at the end, he must have found a way to delete all maps at once...
Thank you panschk!

The first thing that i saw was the news in PGT, while i read the comments i click refrsh on the web site that i NEVER close and i see your newspost.

Thank you for saving our hard work and everything!

Some ppl just got way too much time on their hands..
but jealousy can be an evil thing
On PGT someone posted SEN was also hacked, and indeed, they had a similar problem. They also got an IP (no proxy), and I suspect that it might have been the same person. You should check that out.
Was just about to say, someone got ahold of Moose's password on SEN, banned all the mods, deleted many pinned topics along with the whole FAQ fourm.
Also, Moose thinks that whoever did it bruteforced the password.
i wrote a final paper about encryption, and making your password secure to bruteforce is very easy
Well, nowadays even 64-char (or more) passwords are "bruteforceable". But I don't think the average hacker has access to massively parallel processing computers ;)
Hmm, a friend of mine runs a small private forum, and he read something about MD5 hashes. He took the hash of my password and reversed the hashing process (you can do that and with a certain percentage you get the actual password) and was sucessfull (of course he informed me and didn't do anything). It was a simple password though, it's just a small private forum.
Well, I don't have any deeper insight into password protection in the internet, but I guess if you got the hashes, you can speed up bruteforce quite a lot...?
Love ya Panschk :P
Lucky that you had a backup ^_^

Woohoo! Yay for BWMN
phew, good to hear ^^

Because of heavy spam on the map comments, it is needed to be logged in to post. We are sorry that this has to be done because nothing else stops spam bots
random map
  (4)The 24th
Newest updates:
  (6)Snowflake Sand..
  (8) Final Explora..
  (6)Redheart SE
  (3)Nobody 0.67
  (4)yet again
  • month 12:
      (4)Oil Flow_0
  • MOTW
  • week 2021.01:
      (3) Lambda 1.0
  • Main Forum
  • Share..(Shade)R)
  • I nee..(
  • Magna..(RedGoliath)
  • No Fo..(Minerals)
  • Feedback
  • This s..(triller1)
  • Rotati..(triller1)
  • Off Topic
  • scm dr..(sugardad)
  • Vetera..(ProTosS4Ev)
  • What's..(triller1)
  • Starcraft 2
  • announ..(triller1)
  • STARCR..(triller1)
  • Search Forum
  • How to make larvae spawn at the bottom right corner  
  • Worker pathing guide - How to debug and balance resour  
  • An elegant way of dealing with cliff asymmetry
  • Competition:
  • Innovative Naturals Competition  
  • Tourney Map Pack Aspirant Suggestions  
  • Maps That Need A Remake  
  • Think Quick Map Contest ($100 prize)