Clan x86

Announcements => [x86] Announcements => Topic started by: iago on December 27, 2010, 11:18:57 am

Title: SMF 1.1.12
Post by: iago on December 27, 2010, 11:18:57 am: Just updated SMF 1.1.11 to 1.1.12. Every time something like this (http://www.exploit-db.com/papers/15823/) comes out, I get a little edgy :)

Let me know if there are any problems.

I looked at SMF 2 again, but they still haven't released it. One of these days, though...
Title: Re: SMF 1.1.12
Post by: Joe on December 28, 2010, 05:22:36 pm: I tried reading it but I can't. I take it those blackhat idiots used an exploit in SMF?
Title: Re: SMF 1.1.12
Post by: iago on December 28, 2010, 06:14:26 pm: No, they don't say how they go in. Long story short, they pwn3d the crap out of 5 or so different sites, ransacked them, then posted about it online (including the sites' full databases). Not pretty. :)
Title: Re: SMF 1.1.12
Post by: rabbit on December 29, 2010, 10:39:18 am: From what I gleaned from that poorly written "press release" was that they went in through Wordpress, not SMF. Did I miss something?
Title: Re: SMF 1.1.12
Post by: iago on December 29, 2010, 11:31:05 am: It isn't so much a press release as a 'zine. And that group (and others) have done several others (the best known one being 'zf05.txt' - zero for 0wnage) where they compromise a bunch of well known security sites, rummage through all the files/passwords/etc, then delete everything and post the full log publicly.

How they got in doesn't really matters - the point is, when I read those it gets me worried and makes me want to update everything and hide under a rock.
Title: Re: SMF 1.1.12
Post by: Joe on December 29, 2010, 11:33:16 pm: iago's scared of elitist script kiddies? At least, that's what they make themselves sound like.
Title: Re: SMF 1.1.12
Post by: iago on December 30, 2010, 06:37:28 am: The people compromising high profile security sites aren't script kiddies -- these guys actually know what they're doing and how to cover their tracks.
Title: Re: SMF 1.1.12
Post by: Blaze on December 30, 2010, 05:26:09 pm: Quote from: iago on December 30, 2010, 06:37:28 am
The people compromising high profile security sites aren't script kiddies -- these guys actually know what they're doing and how to cover their tracks.

And they know how to make these crazy ascii art things. I love those :D
Title: Re: SMF 1.1.12
Post by: iago on December 30, 2010, 05:28:32 pm: The one with the sheep is hilarious. :)

So, there have been a ton of spambots since I updated the forum. I noticed the CAPTCHA got turned off, so I slowly ramped it up until they went away. Unfortunately, it's at the 'very high' level, which I can barely read myself. Ohwell :-/
Title: Re: SMF 1.1.12
Post by: Blaze on December 30, 2010, 10:29:44 pm: Quote from: iago on December 30, 2010, 05:28:32 pm
The one with the sheep is hilarious. :)

So, there have been a ton of spambots since I updated the forum. I noticed the CAPTCHA got turned off, so I slowly ramped it up until they went away. Unfortunately, it's at the 'very high' level, which I can barely read myself. Ohwell :-/

You should set it to something unreadable, and we'll ban anyone who can register since they cheated. Perfect plan!
Title: Re: SMF 1.1.12
Post by: iago on March 12, 2011, 02:47:34 pm: Just updated to SMF 1.1.13. As usual, let me know if there are any issues.
Title: Re: SMF 1.1.12
Post by: Newby on March 14, 2011, 11:38:23 pm: lol @ "There are 185 members awaiting approval."

Fuck that noise.

The coolest e-mail address of the 185 signed up? It's "isexymalebodybuilderposingsuitszme@jmilitaryfitnessquotesnfw.com" on the account Cloriarcics (http://forum.x86labs.org/index.php?action=profile;u=2057).
Title: Re: SMF 1.1.12
Post by: Sidoh on March 15, 2011, 05:46:29 am: Quote from: Newby on March 14, 2011, 11:38:23 pm
The coolest e-mail address of the 185 signed up? It's "isexymalebodybuilderposingsuitszme@jmilitaryfitnessquotesnfw.com" on the account Cloriarcics (http://forum.x86labs.org/index.php?action=profile;u=2057).

APPROVED