1. Download our Official Android App: Forums for Android!

Ubuntu forums got hacked..

Discussion in 'Computers' started by Thatdad, Jul 26, 2013.

  1. Thatdad

    Thatdad Android Expert
    Thread Starter
    Rank:
    None
    Points:
    183
    Posts:
    1,322
    Joined:
    Jun 4, 2013

    Jun 4, 2013
    1,322
    323
    183
    Male
    Direct Support Professional
    South Georgia

    Attached Files:


    Advertisement

  2. 9to5cynic

    9to5cynic Android Expert
    Rank:
    None
    Points:
    633
    Posts:
    4,873
    Joined:
    Feb 20, 2011

    Feb 20, 2011
    4,873
    1,766
    633
    /home/
    Hahah... Wonder how long until the ubutuforums dictionary file is released. I'm curious about the vuln too. If it's an 0day, you'd think there'd be some more... lucrative targets.

    Color me curious.


    Edit:

    Supposedly from the hacker: http://www.twitlonger.com/show/n_1rlft0d
    Sounds like there is no real harm. If you trust him (or her ;)). No plans to release the database. Passwords are encrypted with the default vBulletin scheme, which seems to be decent. Two rounds of md5 with a salt thrown in for good measure. I wish his tweet would have said how he got in though.

    E2: Okay, last edit (I hope). Sounds like the salt added to the password might have only been three characters. :eek: Hmm.. I wonder what the userbase for ubuntuforums.org was..?
     
  3. Thatdad

    Thatdad Android Expert
    Thread Starter
    Rank:
    None
    Points:
    183
    Posts:
    1,322
    Joined:
    Jun 4, 2013

    Jun 4, 2013
    1,322
    323
    183
    Male
    Direct Support Professional
    South Georgia
    I don't know lol. Hopefully the hackers to true his/her words. This will be the buzz around ubuntuforums for a while and I'm sure there will be a few stickies LOL
     
  4. MoodyBlues

    MoodyBlues - Crazy peacock person -
    VIP Member
    Rank:
     #52
    Points:
    453
    Posts:
    3,469
    Joined:
    Jan 27, 2011

    Jan 27, 2011
    3,469
    1,783
    453
    Formerly UNIX/Linux programmer/sysadmin, now disab
    /home/LosAngeles
    Yeah, they notified me via e-mail, even though I haven't been active over there for a good while. (I got tired of being treated like we were all in Kindergarten: "Now, now, let's not post DANGEROUS things like how to enable root logins! Clueless noobs might wipe their drives accidentally!" :rolleyes:)

    I'm guessing, but have no way to prove, that it involved an inside job.

    No, there's still plenty of help available. From the "we're down" page:

    Um...someone(s) fell down on the job?
     

Share This Page

Loading...