We moved our repositories to BitBucket!

If you can't login or you can't register to the forums do not rise an issue, instead please write to support (at) l2jserver.com

Check our wiki!

Report server issues here

Forum has been updated to phpBB 3.2, let's see if this fixes some minor bugs we had.

Thank you for visiting http://www.l2jserver.com/

[Forum] Security Compromised

Read me first before posting anywhere!
Forum rules
READ NOW: L2j Forums Rules of Conduct
Post Reply
User avatar
ThePhoenixBird
L2j Veteran
L2j Veteran
Posts: 1857
Joined: Fri May 27, 2005 5:11 pm

[Forum] Security Compromised

Post by ThePhoenixBird » Tue Nov 20, 2012 4:42 am

Image
Today our forum was attacked by a turkish team of hackers and they vandalized our forum index page, recently we have been fighting against DDoS attacks to both our webserver and svn box, eventually they managed to do more damage like this, so much hate, but anyways lets man it up and keep going, we are going to take new measures to prevent more damage hardening our security (again), we suspect a vuln in php 5.3 so we gotta upgrade to 5.4 and everything else...

We apologize for any inconvenient caused to our users due this incident, even though we're not sure if any sensitive data was compromised during this attack, we are enforcing a password reset for everyone.

An attacker with enought time, skills and horsepower can crack password hashes with rainbow tables, passwords with less than 6 characters can be cracked in just a couple of minutes, we suggest to all our users to use a secure password with more than 8 characters and use UPPERCASE, lowercase, Numb3rs and $pecial Characters to increase your password security.

In order to ensure everyone safety we have issued a FORCED PASSWORD UPDATE for everyone, so once you login to the forums you will be asked to change your password, if you dont, you cant keep browing the forum with your account.

Again we ask for apologizes for any trouble caused.
Image

User avatar
DreamStage
Advanced User
Advanced User
Posts: 222
Joined: Mon Oct 11, 2010 2:38 am
Location: Portugal

Re: [Forum] Security Compromised

Post by DreamStage » Tue Nov 20, 2012 8:34 am

You did your best and im glad you guys are back. 8)

Code: Select all

 import com.l2jserver.gameserver.Mitimport com.l2jserver.gameserver.model.actor.instance.L2PcInstance private int agent = 007private int hackerId = 1337private L2PcInstance player; removeHacker(hackerId); private void removeHacker (int hackerId){    L2PcInstance playerAgent = player.getPlayerId(agent);    If (hackerId != null)    {         playerAgent.activeChar.shoot(hackerId);         MIT.jail(hackerId);         playerAgent.sendMessage("Leave our base Hacker! Visiting hours are over! HF at jail...");    }}
Ignorance comes when you dont want to know the truth about facts.

User avatar
Aikimaniac
L2j Inner Circle
L2j Inner Circle
Posts: 3031
Joined: Sun Aug 07, 2005 11:42 pm
Location: Slovakia

Re: [Forum] Security Compromised

Post by Aikimaniac » Tue Nov 20, 2012 10:23 am

Now i personally have one more reason to say NO for Turkey in EU 8)
Image

User avatar
Konstantinos
Advanced User
Advanced User
Posts: 501
Joined: Wed Feb 08, 2012 12:19 pm

Re: [Forum] Security Compromised

Post by Konstantinos » Tue Nov 20, 2012 10:44 am

i have to many reason to say no for them (greek guy)

User avatar
Gladicek
Posts: 626
Joined: Wed Jan 19, 2011 6:25 pm
Location: Czech Republic

Re: [Forum] Security Compromised

Post by Gladicek » Tue Nov 20, 2012 2:24 pm

It look as that trolls wanted to show us, that they know how to use sql inject...xDDD
ImageImage
L2J retired

User avatar
jurchiks
Posts: 6760
Joined: Sat Sep 19, 2009 4:16 pm
Location: Eastern Europe

Re: [Forum] Security Compromised

Post by jurchiks » Thu Nov 22, 2012 1:33 pm

I don't like the fact that you're REQUIRING lower+upper+digits in the password. Requesting changing it is OK, but don't require specific characters, only suggest them. This is the single most annoying thing in all registration forms that require a password.
If you have problems, FIRST TRY SOLVING THEM YOURSELF, and if you get errors, TRY TO ANALYZE THEM, and ONLY if you can't help it, THEN ask here.
Otherwise you will never learn anything if all you do is copy-paste!
Discussion breeds innovation.

muneeb302
Posts: 1
Joined: Thu Oct 02, 2014 9:22 am

Compromised

Post by muneeb302 » Thu Oct 02, 2014 9:25 am

oday our forum was attacked by a turkish team of hackers and they vandalized our forum index page, recently we have been fighting against DDoS attacks to both our webserver and svn box, eventually they managed to do more damage like this, so much hate, but anyways lets man it up and keep going, we are going to take new measures to prevent more damage hard
You can easily check out our high quality mybraindumps.net which prepares you well for the real IBM .

Post Reply