INTERVIEW FOR CSE 2019
All ForumIAS members selected for CSE 2019 Personality Test must submit their details and DAF and register below to receive further instructions and guidance from ForumIAS. Click here to register now
INTERVIEW 2020 CHANNEL
ForumIAS Channel for Interview Preparation is now Active! Please join the channel by clicking here
We are hiring!

[Forum Hacked] Delete your browser cookies and cache memories

13567

Comments

  • So we can deduce that @pizza is @chameli_aunty & other way around
    Fut I don't thank to that
    BTW what's the means of
    PS. I know nothing
    I want to remind you that I have been equipped with extraordinary powers in one secret ID, dont troll if you want to get delivered tomorrow
    If you have some secret powers then please revive the imp ;)
  • So we can deduce that @pizza is @chameli_aunty & other way around
    Fut I don't thank to that
    BTW what's the means of
    PS. I know nothing
    I want to remind you that I have been equipped with extraordinary powers in one secret ID, dont troll if you want to get delivered tomorrow
    If you have some secret powers then please revive the imp ;)
    let me try, inbox me that profile
  • edited August 2016
    May I cut in ?? There is something about these techno threads and discussions which is simply irresistible for me.

    A website is never hacked using javascript per se. Javascript snippets are used to modify behaviors of webpages and their components in certain ways. It used to happen a lot in the early days of Orkut (before 2007) where profiles were disfigured using scripts. But not anymore.

    A website is essentially a computer program written in HTML or some other language (php, xml, python etc.) which is stored on a server. To hack a website you have to hack a server which means gaining access to the some or all of admin rights on a server computer. And then to do some damage you have to modify that program for the worse. So if Forum was indeed hacked (which I highly doubt), some guys gained access to the server and changed some functionalities. Like changing profile thumbnails of many users to a blue power-off button!!

    I don't think users of Forum need to do anything on their end. A website cannot install an unauthorized program on user PC. Chrome, Mozilla, Opera, IE etc. have enough features to stop these. There is even no need to run virus scans etc. Viruses are dinosaurs in this era of ransomware and malware. No one writes them anymore.

    There is only a minor threat to those who login with their Google or Facebook accounts. Their login information is shared with Forum's servers and this information might be stolen and misused for trolling or spamming.
    -----------------------------------------------
    If anything, this is a wake up call for Forum. It should upgrade its servers. I mean literally. The forum server looks awfully outdated. It couldn't handle the bulk traffic after the prelims and slowed down. Time for a change...
  • edited August 2016
    Why I doubt Forum was hacked? (As in "hacked" hacked :wink: )

    1. If I'm a professional or even a high level ameteur hacker, I would never bother hacking Forum. I mean, what would I gain from it ??? Bunch of guys b/w 25 and 35, discussing stuff which world doesn't care about; no money, no hot girls - someone must be fucking retard to hack such dull stuff. I think it's handiwork of some engineering college students, somewhere in India only, looking for some cheap fun.

    2. I didn't use forum yesterday but now you guys say it, I believe that there was some problem. It might have been a denial-of-service attack probably. Sites which invite user content (comments, uploads, feeds) are sweet targets of DoS attacks. And it is technically the easiest attack to carry out. Any good C/C++ programmer can write a decent DoS program.
  • Why I doubt Forum was hacked? (As in "hacked" hacked :wink: )

    1. If I'm a professional or even a high level ameteur hacker, I would never bother hacking Forum. I mean, what would I gain from it ??? Bunch of guys b/w 25 and 35, discussing stuff which world doesn't care about; no money, no hot girls - someone must be fucking retard to hack such dull stuff. I think it's handiwork of some engineering college students, somewhere in India only, looking for some cheap fun.

    2. I didn't use forum yesterday but now you guys say it, I believe that there was some problem. It might have been a denial-of-service attack probably. Sites which invite user content (comments, uploads, feeds) are sweet targets of DoS attacks. And it is technically the easiest attack to carry out. Any good C/C++ programmer can write a decent DoS program.
    Bro, recognize me? I am captain...supermods were deleted, me and dr king were first then root was deleted, then forumias, then neyawn was banned and then all major threads were deleted.... I was not able to login and when ever I was able to, logout was not in my control... forum titles on main discussion page were leading to sufi website.
  • @Root @ForumIAS @Neyawn : Any updates regarding this hack? @Root @ForumIAS profiles seem to have been deleted. Call your security guy for the next forum meet. We'll love to hear him speak too. :angry:
  • edited August 2016
    @jack_dawson thank god, finally someone like you from CS background is here.

    So this is what happened,
    A guy posted this alert document cookies and document location wala script on few threads.

    So the fear is that, has se stolen php session ids of all those people who have visited that particular page which has that script comment? :)
    If yes, what are the measures that we as members without any privilege can take to update our session ids?
  • @chameli_aunty I'm a mechanical engineer by training. Most of the good ones in world of computers are from non-CS/IT background. It's strange but true. Even Yashwant Kanitkar, of 'Let us C' fame, is a mechanical engineer!! But thanks a lot for asking. I won't brag but I've coded some stuff and won recognition in various college fests during graduation.

    I agree that there must have been some unauthorized intrusion in Forum's servers. From what u explained, I can draw following probable conclusions:
    >> Hackers targeted the hosting server of Forum. They entered from some sort of backdoor (eg. SQL injection or XSS method; I forgot its details) to hosting provider Forum uses e.g. unsecured port, weak web server security management, etc. They got access to main server, elevated their privilege (to root, mod, admin etc.) and changed files stored directly in the hosting server.

    >> Sometimes uploaded files, however innocent they may look, could contain a script that when executed on your server completely opens up your website. JPEG files can be big web security risk, even if it’s simply to change their avatar. Most images formats allow storing a comment section which could contain PHP code that could be executed by the server.

    >> The said script on the page might have been served from another URL (e.g. the coaching ads Forum hosts) which gets compromised. It doesn't matter how good Forum's site security is if you link it to insecure JavaScript from a third party.

    >> Admin username/password or an authenticated cookie of some admin/modmight have been sniffed over an insecure WiFi network. This was used to gain access.

    NOTE: I don't know enough to elaborate on the various different ways of implementing the above attacks. I just want to give you a heads up.
  • Dawson bhai, what is failure of bolt in double shear :trollface:
  • I can suggest the following:

    ## Security 101: Grab your web hosting server provider. Ask for the security control and measurement taken by your hosting provider. Outsource your hosting to a reliable provider who provides professional web security and has a good track record.

    ## Get a good web firewall service. Web firewall filters out most malicious traffic, so Forum would be kept safe against most SQL injections, DDoS attacks and XSS attacks. If u guys r using using Windows Server OS, switch over to Red Hat server OS. It's free and gives better protection.

    ## Buy more bandwidth than you you need. It will ward off chillar DoS attacks and also be a big relief to users. The forum bandwidth looks awfully less. It couldn't handle the bulk traffic of a couple of thousand users after the prelims. Put that coaching ad and test-series money to good use.

    ## Do penetration testing for Forum. There are many free products to assist you with this. They work on a similar basis to scripts hackers use.

    ## @ All mods, roots etc : Just change your passwords etc. at regular intervals. A tip: Keep core of password same, just change the suffixes every month with say name of month etc.

    I reiterate, it's handiwork of some engineering college students/ naive amateurs, somewhere in India only, looking for some cheap fun. They hold a grudge against the civil services perhaps. They won't be able to sell or misuse any of this info they tempered with. Stupid fuckers, what a waste of time.

    Finally, there are literally hundreds of things that you need to check to ensure that a website is safe. And no website can be 100% safe. No software was written perfect and there will be always new exploits that needs to be patched.
This discussion has been closed.

Welcome!

We are a secret self-moderated community for Civil Services preparation. Feel free to join, start a discussion, answer a question or just to say Thank you.

Just dont spread the word ;)

Sign in or join with Facebook or Google