|
Post by Hurricane on Jul 9, 2008 16:36:07 GMT
Seems like RallyStuff.net has become the victim of a hacker attack. Every forum post and several profile links have a script link to malicious software. Members aren't able to log in (at least I'm not) as every account has been turned in "unconfirmed". I hope no database / webserver passwords have been changed so Curt can fix everything without having to contact his host. I hope Curt and others read this so they can give some news.
|
|
|
Post by Curt on Jul 29, 2008 6:54:45 GMT
I can tell you exactly whats happened. The site has had SQL injection attacks through the querystring parameters in the URL. The hackers were able to change a Thread ID for example, into a dangerous script. This script would keep all the data how it is, but add javascript links to the end of most data.
The reason no one can login is because everyones password is now:
'Users Password (Encrypted'<script.. />.....
|
|