NineChime forum

Furry stuff, oekaki stuff, and other stuff.

You are not logged in.

Post a reply

Write your message and submit
Humanity test

What is four + ten?

Go back

Topic review (newest first)

04-26-2009 03:19:28

Sigh... never mind.  It looks like someone guessed the owner password or exploited some other security hole.

I was able to hack in quite easily, and have secured the board with a new set of passwords.  I'll e-mail them to you.

I apologize for just barging in like that, but, yes, people were having their accounts deleted.  I don't know how secure the board is given that it's using modified code, but at least the hacker won't be able to log in as an owner, anymore.

Rage Inflictor
04-25-2009 23:39:45

There are easy ways to set all the flags for everyone all at once, though I usually do that kind of stuff directly with SQL than with a script.

Oh nice, I did it one by one in Modify Permissions. -_-; And when I logged back in later, Twilight was no longer an Owner, and a handful of members had no flags again. Also, the log shows that Twilight deleted a lot of his members. hmm He's claiming hack, but I don't know...

Did you add a new column to the database for this "infractions" feature, or is this part of the PHP code?

And Sableye's Infractions are apart of the PHP code.

04-25-2009 19:40:55

Did you add a new column to the database for this "infractions" feature, or is this part of the PHP code?  There are easy ways to set all the flags for everyone all at once, though I usually do that kind of stuff directly with SQL than with a script.

Basically, you do this:


$result = mysql_query("UPDATE ".$OekakiPoteto_MemberPrefix."oekaki SET usrflags='GDM', rank=0");

Then run the "flagrestore" script to fix the owner account.  If that won't work, then do this:


$result = mysql_query("UPDATE ".$OekakiPoteto_MemberPrefix."oekaki SET usrflags='GDMIASO', rank=9 WHERE usrname='xTwilightx'");
Rage Inflictor
04-25-2009 10:19:50

Fixed, flag restore wouldn't work however, the problem seems to be with infractions; someone set the number to 0, rather than disabling them.
I've removed infractions from my oekaki because of all the flaws. Until they're reversed, flagrestore.php has no effect. hmm I changed the language and disabled infractions by editing your config.php file, by turning off infractions I was able to use flagrestore. I'll start adding your members' flags back, but I'll probably get bored. hmm

Rage Inflictor
04-25-2009 03:05:22

And, If you send me your info again, I can do your flagrestore. hmm

Edit: I went to your Oekaki, no one can log in, because they don't have a G flag. So, once you give me your info, and I restore you to Owner status, you'll just have to give everyone their flags back.

04-25-2009 03:03:02

I haven't touched your Oekaki in months... since the last time you asked for help.  Don't blame me. You're not even in my FTP anymore. hmm

04-25-2009 02:54:31

The board doesn't have anyone set up as an owner.  That's bad, because it means the control panel won't work and the language can't be set back to English.

If you feel comfortable about it, you can e-mail me your server login and I'll fix it.  RageInflictor could fix the owner issue with the flag restore tool so you can change the default language, but I'm not too sure about the login issue.

04-24-2009 23:14:52

ok, so I may just be over reacting.
RageInflictor helps me with my Oekaki, and this may just be her updating to the new wac, I don't think she'd explode it on purpose.

My oekaki is now in japanese for some reason, and none of the members (including myself) can login.......

I-I don't know what's going on....

Board footer

Yep, still running PunBB
© Copyright 2002–2008 PunBB