What just happened to Brainmeta?, Hacked? Options

[LifeMirage]

The site was down at 2:45 pm central time with some other webpage was in it's place. I assume the site was hacked?

[Shawn]

yes, it was. A first for BrainMeta. Besides brainmeta.com, there are two other websites hosted on this server, but they were not effected. I'm looking into it.

[code buttons]

yes, it was. A first for BrainMeta. Besides brainmeta.com, there are two other websites hosted on this server, but they were not effected. I'm looking into it.

Mind-Brain.org wasn't affected, I noticed. Looked like someone was issuing a Jihad on BrainMeta.

[Shawn]

I believe I have fixed the issue. It involved, in part, a security hole in PHP.

[Enki]

It was something unbelievable.

Hope the hacker can be located by NSA soon.

[Enki]

Should we change passwords Shawn?

[Shawn]

I think it was someone with an IP address indicating they were from Dubai. You do not have to worry about changing passwords since they are encrypted on the server.

[Enki]

Hope some one will be able to teach them a good lesson!

It is a matter of honor to teach them a lesson. Though it looked liked as Jihad hacking but I guess it is another source. Hope 007 can locate them and punish properly.

[Enki]

I think it was someone with an IP address indicating they were from Dubai. You do not have to worry about changing passwords since they are encrypted on the server.

Interesting who from Dubai, at presence of such security measures can dare to hack a server in America. I really do wonder. What a trick.

It once again shows how vulnerable the civilization is to the cyber-terrorism.

[maximus242]

Cyber terrorism on brainmeta? what?!? Couldnt it just be come kid hacker from Dubai who has nothing better to do than hack websites?

..WTH did my avatar go

Edit: Fixed Avatar

[Shawn]

Ok. I have looked into it further and here is what happened. Someone from Cairo with IP 196.218.12.128 (they were not going through a proxy) used the file uploader to upload a file with a .php.gif extension. The file uploader thought it was a .gif file, so it uploaded it, but if you loaded the file in your browser, it would execute the .php script (which is what the file really was, not a .gif). The PHP script was a PHP shell script and directory browser, which enabled the user to delete and modify files. All files were recovered via backups (except for some recently uploaded pics) and the security hole in the file uploader was fixed. The attacker left a big trail, was sloppy, and could have done much worse, which suggests the person was an unsophisticated novice . Nonetheless, incidents like this underscore the fact that brainmeta.com is not invulnerable to attack, though I will do what I can to prevent further incidents.

[Flex]

Lol I do not get what motive the individual could possibly have... What could be gained from hacking Brain Meta?

[maximus242]

The biggest thing puzzling me is the Why, I suspect it is someone with just to much time on their hands or... the anti-christ of brain meta, dattaswami II.

[Shawn]

I'm glad they didn't do any real damage, and it was somewhat amusing while it lasted.... and I got to learn about a great PHP shell script and directory browser. Here's a screenshot of the hack for those who missed it.

[Flex]

Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?

[Hey Hey]

ameer atom in the universe of Brainmeta.

Well done Shawn for sorting it out so quickly.

[Enki]

Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?

Good question. Why number 1 turned into number 9?

Shawn is that you?

[Enki]

ameer atom in the universe of Brainmeta.

Well done Shawn for sorting it out so quickly.

Hahahahahah.

Irrationality in the Universe of Wisdom.

Btw, possibly he is one of the users on Brainmeta.

Ameer are you here? I can tell you a fantastic story about Archangel Jebrail and about a device Mohammed was using to fly on from Arabia to Jerusalem. Really. It is a fairy tale.

So do not do that again with Bainmeta, otherwise the “Gods� from Brainmeta may punish you.

[Hey Hey]

Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?

Good question. Why number 1 turned into number 9?

Shawn is that you?

Also, interestingly, who is number 1?

[Trip like I do]

Hey.... my avatar mysteriously changed again. What's up with that?

[code buttons]

Hey.... my avatar mysteriously changed again. What's up with that?

I think there was another hack attempt. About 12 or so today BM was not available. I was logged-in at the time and when I hit refresh it dissapeared and I got an error message instead. There was no webpage in place this time, like yesterday, though.
Shawn, what if yesterday's "sloppy" hack , as you put it, was some kind of test before a bigger or more organized attepmpt?

[Rick]

BrainMeta is a natural target for jihadist attack for the same reason that I come here. Any place of free exchange of ideas and thoughtful free deliberation is a threat to monotheistic certainty.

[Shawn]

unfortunately there was another attack earlier today. I have not been able to confirm that it was the same person, and this time they attempted to delete as much as they could. I have increased the security on the server, with the result that uploading files has been disabled for the time being, at least until a better solution is put into place.

[Flex]

Well I guess that explains why I could not upload a screen shot from the attack...

[Trip like I do]

.... and explains why I now have no avatar.

[Flex]

.... and explains why I now have no avatar.

I see your new avatar (or lack there of) as a form of modern art--it is very beautiful

[Rick]

Minimalism? I see no avatar now (at this exact momen) when a while ago I was his very nice abstract artwork in a horizontal position with Trip standing by it.

[maximus242]

Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?

[Hey Hey]

Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?

Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?

I have been deleting lots of rubbish (not not yours ) on boards where I can moderate and passing on others to other moderators. The perps were all new members (so registered, posted then disappeared).

We could have a ?? dollar registration fee to all new members, refunded after a ??. Or more registration information required. I know this could be false but the time it would take might put them off. Do they presently need to have a verifiable email address that would mean their ISP could take action. Oh I don't know, let's form a hit squad and take them out! Perhaps we could post replies with recommendations of medication for their condition ... could include suicide pills.

[LifeMirage]

E-mail confirmation and enabling moderators to view and block the IP from spammers should help greatly.


Not sure about offering donation/registration fees again based on what happened last time.