Logo

Site Incident - 2022-05-10

Register Log In Back To Forums

Post #1 · Posted at 2022-05-10 04:29:28pm 1.8 years ago

Offline al2k4
al2k4 Avatar Admin
9,387 Posts
United Kingdom
Reg. 2006-05-01

Nintendo Switch Friend Code: SW-6451-2397-9509
"BEMANI Sound Team"
A script was injected onto a few pages on the site which caused some pages to not load correctly.

The pages affected was limited to what admins could edit; in this case the script was injected to a few sections of the homepage and a forum category name.

As a precaution, I have hardened security on the server and changed various passwords and have advised moderators with admin privileges to also change their passwords.

I will be adding directives to the site so unapproved scripts will not be able to run.

Let me know in this thread if you have any questions or concerns.

Post #2 · Posted at 2022-05-11 12:26:59pm 1.8 years ago

Offline AxelWasHere
AxelWasHere Avatar Member
1,580 Posts
United States
Reg. 2012-07-13

"No."
Legit question, does this pose a threat to our emails / passwords?
https://i.imgur.com/vnrpBDk.gif

Post #3 · Posted at 2022-05-11 01:21:38pm 1.8 years ago

Offline travelsonic
travelsonic Avatar Member
190 Posts
Not Set
Reg. 2006-10-18

Quote
A script was injected onto a few pages on the site which caused some pages to not load correctly.

Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

Post #4 · Posted at 2022-05-11 06:46:36pm 1.8 years ago

Offline SocialDragon322
SocialDragon322 Avatar Member
257 Posts
United Kingdom
Reg. 2019-09-13

Sorry then...
THE 4 TIME TRIPLE MATCH MIDNIGHT HEAVENLY SUPREME SOCIAL DRAGON ALL-ROUNDER:
SocialDragon368- Part of the SD368 Group

Post #5 · Posted at 2022-05-11 08:17:02pm 1.8 years ago

Offline al2k4
al2k4 Avatar Admin
9,387 Posts
United Kingdom
Reg. 2006-05-01

Nintendo Switch Friend Code: SW-6451-2397-9509
"BEMANI Sound Team"
Quote: AxelWasHere
Legit question, does this pose a threat to our emails / passwords?

I don't believe any credentials were compromised as the script would not have access to the database.

Quote: travelsonic
Can you elaborate more on this? If not, as in for legitimate reasons, dun worry, but I am curious about what happened (and if pages not loading correctly was the extent of it).

From what I can see in the script, it seemed to try and inject ads onto the site based on which page users visited.

Post #6 · Posted at 2022-05-12 03:59:05am 1.8 years ago

Offline SomethingRandom
SomethingRandom Avatar Member
2,781 Posts
United States
Reg. 2015-02-21

Game Center Nickname: blearymoos
"bootylicious "

Post #7 · Posted at 2022-05-12 04:42:19am 1.8 years ago

Offline aidan9030
aidan9030 Avatar Member
374 Posts
Canada
Reg. 2015-02-15

"3.6 not great not TERRIBLE ok."

Last updated: 2022-05-12 04:48am
is now the time to point out their extensive history of thread (necro)bumping & out-of-context posts?
Quote: Trip Machina
Insanity on a flatscreen!

STARLiGHT TraXX is out!

Post #8 · Posted at 2022-05-23 04:06:20pm 1.8 years ago

Offline DDR Addict
DDR Addict Avatar Member
1,464 Posts
United States
Reg. 2009-09-23

Nintendo Network ID: RimeTM3DS Friend Code: 3454-0657-8756
"Let's Do the Rain Dance"
Yesterday, there was an outage for several hours that didn't use the bespoke page regarding server load. Maybe it's just me being too antsy, but can we get assurance that this wasn't another script injection attack that may have been more effective than the last one?

Post #9 · Posted at 2022-05-23 05:20:13pm 1.8 years ago

Offline SocialDragon322
SocialDragon322 Avatar Member
257 Posts
United Kingdom
Reg. 2019-09-13

And a war attack that won't happen again?
THE 4 TIME TRIPLE MATCH MIDNIGHT HEAVENLY SUPREME SOCIAL DRAGON ALL-ROUNDER:
SocialDragon368- Part of the SD368 Group

Post #10 · Posted at 2022-05-24 12:20:14am 1.8 years ago

Offline Sigrev2
Sigrev2 Avatar Member+
4,159 Posts
United States
Reg. 2009-10-17

Nintendo Network ID: Sigrev2Nintendo Switch Friend Code: SW-2884-7660-37993DS Friend Code: 3883-7652-3160
"suffering from success"
Someone let the mice into the machine again smh what did I tell you about cleaning out the crumbs

Post #11 · Posted at 2022-05-25 01:11:55pm 1.8 years ago

Offline RGTM
RGTM Avatar Moderator+
7,195 Posts
United States
Reg. 2007-07-19

Nintendo Network ID: xRGTMxNintendo Switch Friend Code: SW-6034-2315-7724Game Center Nickname: xRGTMx
"BBCode Not Allowed"

Last updated: 2022-05-25 01:24pm
According to al2k4, the incident that occurred last Sunday (May 22, 2022) was caused by the same kind of injection attack, affecting various back-end admin files. This time, .htaccess was edited in a way that was invalid for Apache, leading to the 500 Internal Server Errors. He's currently unsure if there's a vulnerability in ZIv's scripts, or within Apache itself.

At the current moment, Alan said this is going to give him a push to rewrite most of the code for the website, as v5.2 is running off spaghetti dating back to 2006-09 🤢. As such, it's looking like v5.3 is now in development.

ZIv's website files are now being backed up daily, but due to the immense size, the simfile database is not. However, Alan and I brainstormed solutions on how to reduce the current size of this section (473 GB currently). Most of the size is due to duplication, as almost all simfiles are individually zipped, with categories having their own large pack zips. I brought up the idea of having a temporary zip application, which would create zip files upon request. This would only apply to individual simfiles, as temporary pack zips would bog down the website. If temp zips are applied, this would dramatically reduce the size of the simfile database, and would allow room for routine backups. Please do note that this may or may not actually take shape, as it's simply an idea for now.

Please bear with us; there's lots of cleanup in the back end to be done. 🙏
ZIv Mod Squad: "shark jumpscare"
https://cdn.discordapp.com/attachments/926629361858273310/1176900767613997157/EC2E821F-8C1F-4894-9E77-59CB48D2FD35a.gif?ex=660d6fc0&is=65fafac0&hm=f09590db85453f3661ef757d7a859f3212a60fd34bdd378b61c3694fe904fd36&
Register Log In Back To Forums

0 User(s) Viewing This Thread (Past 15 Minutes)

©2006-2024 Zenius -I- vanisher.com -5th style- IIPrivacy Policy
Web Server: 3% · Database: 4% · Server Time: 2024-03-28 21:54:08
This page took 0.01 seconds to execute.
Theme: starlight · Language: englishuk
Reset Theme & Language