Author Topic: SMF 1.1.12  (Read 8151 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
SMF 1.1.12
« on: December 27, 2010, 11:18:57 am »
Just updated SMF 1.1.11 to 1.1.12. Every time something like this comes out, I get a little edgy :)

Let me know if there are any problems.

I looked at SMF 2 again, but they still haven't released it. One of these days, though...

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: SMF 1.1.12
« Reply #1 on: December 28, 2010, 05:22:36 pm »
I tried reading it but I can't. I take it those blackhat idiots used an exploit in SMF?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: SMF 1.1.12
« Reply #2 on: December 28, 2010, 06:14:26 pm »
No, they don't say how they go in. Long story short, they pwn3d the crap out of 5 or so different sites, ransacked them, then posted about it online (including the sites' full databases). Not pretty. :)

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: SMF 1.1.12
« Reply #3 on: December 29, 2010, 10:39:18 am »
From what I gleaned from that poorly written "press release" was that they went in through Wordpress, not SMF.  Did I miss something?

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: SMF 1.1.12
« Reply #4 on: December 29, 2010, 11:31:05 am »
It isn't so much a press release as a 'zine. And that group (and others) have done several others (the best known one being 'zf05.txt' - zero for 0wnage) where they compromise a bunch of well known security sites, rummage through all the files/passwords/etc, then delete everything and post the full log publicly.

How they got in doesn't really matters - the point is, when I read those it gets me worried and makes me want to update everything and hide under a rock.

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: SMF 1.1.12
« Reply #5 on: December 29, 2010, 11:33:16 pm »
iago's scared of elitist script kiddies? At least, that's what they make themselves sound like.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: SMF 1.1.12
« Reply #6 on: December 30, 2010, 06:37:28 am »
The people compromising high profile security sites aren't script kiddies -- these guys actually know what they're doing and how to cover their tracks.

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: SMF 1.1.12
« Reply #7 on: December 30, 2010, 05:26:09 pm »
The people compromising high profile security sites aren't script kiddies -- these guys actually know what they're doing and how to cover their tracks.


And they know how to make these crazy ascii art things.  I love those  :D
And like a fool I believed myself, and thought I was somebody else...

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: SMF 1.1.12
« Reply #8 on: December 30, 2010, 05:28:32 pm »
The one with the sheep is hilarious. :)


So, there have been a ton of spambots since I updated the forum. I noticed the CAPTCHA got turned off, so I slowly ramped it up until they went away. Unfortunately, it's at the 'very high' level, which I can barely read myself. Ohwell :-/

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: SMF 1.1.12
« Reply #9 on: December 30, 2010, 10:29:44 pm »
The one with the sheep is hilarious. :)


So, there have been a ton of spambots since I updated the forum. I noticed the CAPTCHA got turned off, so I slowly ramped it up until they went away. Unfortunately, it's at the 'very high' level, which I can barely read myself. Ohwell :-/


You should set it to something unreadable, and we'll ban anyone who can register since they cheated.  Perfect plan!
And like a fool I believed myself, and thought I was somebody else...

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: SMF 1.1.12
« Reply #10 on: March 12, 2011, 02:47:34 pm »
Just updated to SMF 1.1.13. As usual, let me know if there are any issues.

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: SMF 1.1.12
« Reply #11 on: March 14, 2011, 11:38:23 pm »
lol @ "There are 185 members awaiting approval."

Fuck that noise.

The coolest e-mail address of the 185 signed up? It's "isexymalebodybuilderposingsuitszme@jmilitaryfitnessquotesnfw.com" on the account Cloriarcics.
« Last Edit: March 14, 2011, 11:40:46 pm by Newby »
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: SMF 1.1.12
« Reply #12 on: March 15, 2011, 05:46:29 am »
The coolest e-mail address of the 185 signed up? It's "isexymalebodybuilderposingsuitszme@jmilitaryfitnessquotesnfw.com" on the account Cloriarcics.

APPROVED