Logo

Site Incident - 2022-05-10

Enregistré Connexion Retour aux forums

Post #1 · Posté à 2022-05-10 04:29:28pm il y a 4.7 mois

Offline al2k4
al2k4 Avatar Admin
9,336 Messages
United Kingdom
Reg. 2006-05-01
Log in to send this user a private messageDiscord: al2k4#0144Twitter: al2k4
Xbox Gamer Tag: al2k4Nintendo Switch Friend Code: SW-6451-2397-9509Steam: al2k4
"BEMANI Sound Team"
A script was injected onto a few pages on the site which caused some pages to not load correctly.

The pages affected was limited to what admins could edit; in this case the script was injected to a few sections of the homepage and a forum category name.

As a precaution, I have hardened security on the server and changed various passwords and have advised moderators with admin privileges to also change their passwords.

I will be adding directives to the site so unapproved scripts will not be able to run.

Let me know in this thread if you have any questions or concerns.

Post #2 · Posté à 2022-05-11 12:26:59pm il y a 4.6 mois

Offline AxelWasHere
AxelWasHere Avatar Member
1,489 Messages
United States
Reg. 2012-07-13
Log in to send this user a private message
Steam: bright151
"No."
Legit question, does this pose a threat to our emails / passwords?
https://i.imgur.com/vnrpBDk.gif

Post #3 · Posté à 2022-05-11 01:21:38pm il y a 4.6 mois

Offline travelsonic
travelsonic Avatar Member
177 Messages
Not Set
Reg. 2006-10-18
Log in to send this user a private message
Steam: terminalcancer
Quote
A script was injected onto a few pages on the site which caused some pages to not load correctly.

Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

Post #4 · Posté à 2022-05-11 06:46:36pm il y a 4.6 mois

Offline SocialDragon322
SocialDragon322 Avatar Member
157 Messages
United Kingdom
Reg. 2019-09-13
Log in to send this user a private message
Sorry then...

Post #5 · Posté à 2022-05-11 08:17:02pm il y a 4.6 mois

Offline al2k4
al2k4 Avatar Admin
9,336 Messages
United Kingdom
Reg. 2006-05-01
Log in to send this user a private messageDiscord: al2k4#0144Twitter: al2k4
Xbox Gamer Tag: al2k4Nintendo Switch Friend Code: SW-6451-2397-9509Steam: al2k4
"BEMANI Sound Team"
Quote: AxelWasHere
Legit question, does this pose a threat to our emails / passwords?

I don't believe any credentials were compromised as the script would not have access to the database.

Quote: travelsonic
Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

From what I can see in the script, it seemed to try and inject ads onto the site based on which page users visited.

Post #6 · Posté à 2022-05-12 03:59:05am il y a 4.6 mois

Offline SomethingRandom
SomethingRandom Avatar Member
2,705 Messages
United States
Reg. 2015-02-21
Log in to send this user a private messageDiscord: SomethingRandom#3719
Game Center Nickname: blearymoos
"bootylicious "

Post #7 · Posté à 2022-05-12 04:42:19am il y a 4.6 mois

Offline aidan9030
aidan9030 Avatar Member
374 Messages
Canada
Reg. 2015-02-15
Log in to send this user a private messageSoundcloud
CROSS×BEATS User ID: gone...
"3.6 not great not TERRIBLE ok."

Last updated: 2022-05-12 04:48am
is now the time to point out their extensive history of thread (necro)bumping & out-of-context posts?

Post #8 · Posté à 2022-05-23 04:06:20pm il y a 4.2 mois

Offline DDR Addict
DDR Addict Avatar Member
1,454 Messages
United States
Reg. 2009-09-23
Log in to send this user a private messageTwitter: https://twitter.com/Trot100NewsYouTube
Nintendo Network ID: RimeTM3DS Friend Code: 3454-0657-8756
"Let's Do the Rain Dance"
Yesterday, there was an outage for several hours that didn't use the bespoke page regarding server load. Maybe it's just me being too antsy, but can we get assurance that this wasn't another script injection attack that may have been more effective than the last one?

Post #9 · Posté à 2022-05-23 05:20:13pm il y a 4.2 mois

Offline SocialDragon322
SocialDragon322 Avatar Member
157 Messages
United Kingdom
Reg. 2019-09-13
Log in to send this user a private message
And a war attack that won't happen again?

Post #10 · Posté à 2022-05-24 12:20:14am il y a 4.2 mois

Offline Sigrev2
Sigrev2 Avatar Member+
4,047 Messages
United States
Reg. 2009-10-17
Log in to send this user a private messageSkype: slimetimeplayerDiscord: DJ Vortivask #6276Twitter: djvortivaskSoundcloudTumblrYouTube
Xbox Gamer Tag: Sigrev2PlayStation Network: Sigrev2Nintendo Network ID: Sigrev2Nintendo Switch Friend Code: SW-2884-7660-3799Steam: Sigrev23DS Friend Code: 3883-7652-3160
"suffering from success"
Someone let the mice into the machine again smh what did I tell you about cleaning out the crumbs

Post #11 · Posté à 2022-05-25 01:11:55pm il y a 4.2 mois

Offline RGTM
RGTM Avatar Moderator+
7,078 Messages
United States
Reg. 2007-07-19
Log in to send this user a private messageDiscord: RGTM#2428FacebookTwitter: xRGTMxSoundcloudYouTubeTwitch
Nintendo Network ID: xRGTMxNintendo Switch Friend Code: SW-6034-2315-7724Steam: xRGTMxGame Center Nickname: xRGTMx
"BBCode Not Allowed"

Last updated: 2022-05-25 01:24pm
According to al2k4, the incident that occurred last Sunday (May 22, 2022) was caused by the same kind of injection attack, affecting various back-end admin files. This time, .htaccess was edited in a way that was invalid for Apache, leading to the 500 Internal Server Errors. He's currently unsure if there's a vulnerability in ZIv's scripts, or within Apache itself.

At the current moment, Alan said this is going to give him a push to rewrite most of the code for the website, as v5.2 is running off spaghetti dating back to 2006-09 🤢. As such, it's looking like v5.3 is now in development.

ZIv's website files are now being backed up daily, but due to the immense size, the simfile database is not. However, Alan and I brainstormed solutions on how to reduce the current size of this section (473 GB currently). Most of the size is due to duplication, as almost all simfiles are individually zipped, with categories having their own large pack zips. I brought up the idea of having a temporary zip application, which would create zip files upon request. This would only apply to individual simfiles, as temporary pack zips would bog down the website. If temp zips are applied, this would dramatically reduce the size of the simfile database, and would allow room for routine backups. Please do note that this may or may not actually take shape, as it's simply an idea for now.

Please bear with us; there's lots of cleanup in the back end to be done. 🙏
ZIv Mod Squad: "occassional shenanigan maker"
https://cdn.discordapp.com/attachments/248198333200465920/1024369508640632952/EC2E821F-8C1F-4894-9E77-59CB48D2FD35.gif
Enregistré Connexion Retour aux forums

0 User(s) Viewing This Thread (Past 15 Minutes)

©2006-2022 Zenius -I- vanisher.com -5th style- IIPrivacy Policy
Web Server: 1% · Database: 4% · Server Time: 2022-09-29 10:41:05
Page générée en 0.008 secondes.
Theme: starlight · Language: french
Reset Theme & Language