Logo

Site Incident - 2022-05-10

Enregistré Connexion Retour aux forums

Post #1 · Posté à 2022-05-10 04:29:28pm il y a 2.1 années

Offline al2k4
al2k4 Avatar Admin
9,389 Messages
United Kingdom
Reg. 2006-05-01

Nintendo Switch Friend Code: SW-6451-2397-9509
"BEMANI Sound Team"
A script was injected onto a few pages on the site which caused some pages to not load correctly.

The pages affected was limited to what admins could edit; in this case the script was injected to a few sections of the homepage and a forum category name.

As a precaution, I have hardened security on the server and changed various passwords and have advised moderators with admin privileges to also change their passwords.

I will be adding directives to the site so unapproved scripts will not be able to run.

Let me know in this thread if you have any questions or concerns.

Post #2 · Posté à 2022-05-11 12:26:59pm il y a 2.1 années

Offline AxelWasHere
AxelWasHere Avatar Member
1,608 Messages
United States
Reg. 2012-07-13

"No."
Legit question, does this pose a threat to our emails / passwords?
https://i.imgur.com/vnrpBDk.gif

Post #3 · Posté à 2022-05-11 01:21:38pm il y a 2.1 années

Offline travelsonic
travelsonic Avatar Member
190 Messages
Not Set
Reg. 2006-10-18

Quote
A script was injected onto a few pages on the site which caused some pages to not load correctly.

Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

Post #4 · Posté à 2022-05-11 06:46:36pm il y a 2.1 années

Offline SocialDragon322
SocialDragon322 Avatar Member
294 Messages
United Kingdom
Reg. 2019-09-13

Sorry then...

Post #5 · Posté à 2022-05-11 08:17:02pm il y a 2.1 années

Offline al2k4
al2k4 Avatar Admin
9,389 Messages
United Kingdom
Reg. 2006-05-01

Nintendo Switch Friend Code: SW-6451-2397-9509
"BEMANI Sound Team"
Quote: AxelWasHere
Legit question, does this pose a threat to our emails / passwords?

I don't believe any credentials were compromised as the script would not have access to the database.

Quote: travelsonic
Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

From what I can see in the script, it seemed to try and inject ads onto the site based on which page users visited.

Post #6 · Posté à 2022-05-12 03:59:05am il y a 2.1 années

Offline SomethingRandom
SomethingRandom Avatar Member
2,822 Messages
United States
Reg. 2015-02-21

Game Center Nickname: blearymoos
"bootylicious "

Post #7 · Posté à 2022-05-12 04:42:19am il y a 2.1 années

Offline aidan9030
aidan9030 Avatar Member
375 Messages
Canada
Reg. 2015-02-15

"3.6 not great not TERRIBLE ok."

Last updated: 2022-05-12 04:48am
is now the time to point out their extensive history of thread (necro)bumping & out-of-context posts?
Quote: Trip Machina
Insanity on a flatscreen!

STARLiGHT TraXX is out!

Post #8 · Posté à 2022-05-23 04:06:20pm il y a 2.1 années

Offline DDR Addict
DDR Addict Avatar Member
1,464 Messages
United States
Reg. 2009-09-23

Nintendo Network ID: RimeTM3DS Friend Code: 3454-0657-8756
"Let's Do the Rain Dance"
Yesterday, there was an outage for several hours that didn't use the bespoke page regarding server load. Maybe it's just me being too antsy, but can we get assurance that this wasn't another script injection attack that may have been more effective than the last one?

Post #9 · Posté à 2022-05-23 05:20:13pm il y a 2.1 années

Offline SocialDragon322
SocialDragon322 Avatar Member
294 Messages
United Kingdom
Reg. 2019-09-13

And a war attack that won't happen again?

Post #10 · Posté à 2022-05-24 12:20:14am il y a 2.1 années

Offline Sigrev2
Sigrev2 Avatar Member+
4,183 Messages
United States
Reg. 2009-10-17

Nintendo Network ID: Sigrev2Nintendo Switch Friend Code: SW-2884-7660-37993DS Friend Code: 3883-7652-3160
"suffering from success"
Someone let the mice into the machine again smh what did I tell you about cleaning out the crumbs

Post #11 · Posté à 2022-05-25 01:11:55pm il y a 2.1 années

Offline RGTM
RGTM Avatar Moderator+
7,232 Messages
United States
Reg. 2007-07-19

Nintendo Network ID: xRGTMxNintendo Switch Friend Code: SW-6034-2315-7724Game Center Nickname: xRGTMx
"BBCode Not Allowed"

Last updated: 2022-05-25 01:24pm
According to al2k4, the incident that occurred last Sunday (May 22, 2022) was caused by the same kind of injection attack, affecting various back-end admin files. This time, .htaccess was edited in a way that was invalid for Apache, leading to the 500 Internal Server Errors. He's currently unsure if there's a vulnerability in ZIv's scripts, or within Apache itself.

At the current moment, Alan said this is going to give him a push to rewrite most of the code for the website, as v5.2 is running off spaghetti dating back to 2006-09 🤢. As such, it's looking like v5.3 is now in development.

ZIv's website files are now being backed up daily, but due to the immense size, the simfile database is not. However, Alan and I brainstormed solutions on how to reduce the current size of this section (473 GB currently). Most of the size is due to duplication, as almost all simfiles are individually zipped, with categories having their own large pack zips. I brought up the idea of having a temporary zip application, which would create zip files upon request. This would only apply to individual simfiles, as temporary pack zips would bog down the website. If temp zips are applied, this would dramatically reduce the size of the simfile database, and would allow room for routine backups. Please do note that this may or may not actually take shape, as it's simply an idea for now.

Please bear with us; there's lots of cleanup in the back end to be done. 🙏
ZIv Mod Squad: "shark jumpscare"
https://i.imgur.com/YdfMaWU.gif
Enregistré Connexion Retour aux forums

0 User(s) Viewing This Thread (Past 15 Minutes)

©2006-2024 Zenius -I- vanisher.com -5th style- IIPrivacy Policy
Web Server: 4% · Database: 4% · Server Time: 2024-07-14 19:42:25
Page générée en 0.01 secondes.
Theme: starlight · Language: french
Reset Theme & Language