Jump to content



Photo
- - - - -

We Have Been Hacked


  • Please log in to reply
7 replies to this topic

#1 2072

2072

    Casio over god

  • Admin
  • PipPipPipPipPipPipPipPip
  • 1550 posts
  • Gender:Male
  • Location:Somewherebourg
  • Interests:Cinema, Programming, Music and a lot of thing...

  • Calculators:
    AFX2 ROM 1.02, CFX-9940GT+, FX-180P-Plus

Posted 17 November 2012 - 09:32 PM

I have the regret to inform you that a hacker exploited a security flaw in our forum system which allowed him to access the forum database. The hacker did not attempt to break anything. He just planted an hidden script in several core source files of our system while leaving the modification time of these file untouched (to make the detection harder).
The planted script itself is a very well disguised remote shell: http://pastebin.com/zjhFcrkP (The payload is actually contained in the fake hashes spread out in the class, upon execution, the class fetches its own source code, extract the "hashes" and rebuild the code it's intended to execute, this code varies of course.)

All the modifications made by the hacker have been removed but it's safe to assume that he grabbed whatever he could. He probably snatched our member database which includes your email address as well as a hashed (and salted) version of your password. Your actual password can't be easily known by the hacker but it might be possible for the hacker to trick the forum into thinking he is you using the hashed version of the password.
This is why we we'll have to trigger a reset of all the passwords in the following days.
Moreover the forum still uses the MD5 hash algorithm which is no longer considered secure, while the chances for the hacker to crack your password are very low it is recommended to change your password. This might be particularly important if you use the same password elsewhere (which you shouldn't).

#2 2072

2072

    Casio over god

  • Admin
  • PipPipPipPipPipPipPipPip
  • 1550 posts
  • Gender:Male
  • Location:Somewherebourg
  • Interests:Cinema, Programming, Music and a lot of thing...

  • Calculators:
    AFX2 ROM 1.02, CFX-9940GT+, FX-180P-Plus

Posted 18 November 2012 - 01:38 AM

All the members' password have been reset, you need to use the lost password recovery procedure to get a new one. If you can't because your email address is not available any more, use the following form to contact us:
http://www.casiocalc...ilwebmaster.php

Before setting your password you should test its strength using this great tool: https://passfault.ap...ength.html#menu

#3 DJ Omnimaga

DJ Omnimaga

    Casio Freak

  • Members
  • PipPipPipPip
  • 123 posts
  • Gender:Male
  • Location:Quebec (Canada)

  • Calculators:
    Casio FX-7000G, FX-7400G+, FX-7700GE, FX-9750G+, CFX-9850G, AFX 1.0, FX-9860G, FX-9750gII, fx-CG10, fx-CP400, TI-73, TI-80 (broken), TI-81, TI-82, TI-83, TI-83+ (broken), TI-83+ (broken), TI-83+SE (broken), TI-84+, TI-84+CSE, TI-84+CE, TI-85, TI-86, TI-89 Titanium, TI-92, TI-Nspire, TI-Nspire CX, HP 39gII, HP Prime

Posted 18 November 2012 - 05:27 AM

This is why I was always relunctant about using InvisionBoard in the past on any forum I ran. IPB/IB has a long history of security problems, like PhpBB used to have back in the PhpBB2 days. Of course if you keep your software up to date the second an update comes out, you are usually fine, but as soon as you forget it seems like your site can get hacked immediately. Of course it has way more features than SMF and PhpBB, though.

#4 Forty-Two

Forty-Two

    Casio Overlord

  • Deputy
  • PipPipPipPipPipPipPip
  • 528 posts
  • Gender:Male
  • Location:Well, The sign says "You are here"...

  • Calculators:
    Casio fx-CG10 Prizm
    Casio fx-9860GII
    TI-84+ SE

Posted 19 November 2012 - 01:27 AM

All the members' password have been reset, you need to use the lost password recovery procedure to get a new one. If you can't because your email address is not available any more, use the following form to contact us:
http://www.casiocalc...ilwebmaster.php

Before setting your password you should test its strength using this great tool: https://passfault.ap...ength.html#menu


That's a fairly poor analyzer. It disregards spaces, misses common words such as "autocratic" "cream" and "with" (don't judge :P), and fails at guessing the language. The only real indicator of strength is length.

#5 flyingfisch

flyingfisch

    Casio Maniac

  • Deputy
  • PipPipPipPipPipPipPipPip
  • 1891 posts
  • Gender:Male
  • Location:OH,USA
  • Interests:Aviation, Skiing, Programming, Mountain Biking.

  • Calculators:
    fx-9860GII
    fx-CG10 PRIZM

Posted 19 November 2012 - 02:18 AM

well, at least make sure you dont have a bad password. ;)

#6 2072

2072

    Casio over god

  • Admin
  • PipPipPipPipPipPipPipPip
  • 1550 posts
  • Gender:Male
  • Location:Somewherebourg
  • Interests:Cinema, Programming, Music and a lot of thing...

  • Calculators:
    AFX2 ROM 1.02, CFX-9940GT+, FX-180P-Plus

Posted 19 November 2012 - 02:46 AM

That's a fairly poor analyzer. It disregards spaces, misses common words such as "autocratic" "cream" and "with" (don't judge :P), and fails at guessing the language. The only real indicator of strength is length.


It does detect those words as part of the English language, the fact that a word is common has little impact when using a dictionary attack (the number of words in the English language is quite small for a computer anyway...)

But you are right, length is the only real indicator of strength. In my opinion, the best passwords are meaningless sentences such as "I always feed the table before putting it in the fridge!". It makes absolutely no sense but for some reason it's very easy to remember :P and according to the analyser I posted it would take 2.8e+39 centuries to crack for a super computer...
  • MicroPro likes this

#7 flyingfisch

flyingfisch

    Casio Maniac

  • Deputy
  • PipPipPipPipPipPipPipPip
  • 1891 posts
  • Gender:Male
  • Location:OH,USA
  • Interests:Aviation, Skiing, Programming, Mountain Biking.

  • Calculators:
    fx-9860GII
    fx-CG10 PRIZM

Posted 19 November 2012 - 11:49 AM

Posted Image
  • MicroPro, Casimo, naib864 and 1 other like this

#8 Forty-Two

Forty-Two

    Casio Overlord

  • Deputy
  • PipPipPipPipPipPipPip
  • 528 posts
  • Gender:Male
  • Location:Well, The sign says "You are here"...

  • Calculators:
    Casio fx-CG10 Prizm
    Casio fx-9860GII
    TI-84+ SE

Posted 19 November 2012 - 10:13 PM

I love that comic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users