SQL Injection at old shop.buddymaster.com Server

    Discussion in 'Archives' started by bossland, Feb 6, 2013.

    bossland (Administrator)

      Sorry to inform you all that...

      we were the victim of an SQL Injection on our old shop system, Agilebill. Someone managed to exploit his way into the server and take a mirror of the following:

      * Old shop that was functional until August 2011; the shop system stored the username, password (md5), IP address of the last visit, and invoice numbers that were paid or not

      * Buddyauth.com usernames and passwords (salted md5(md5)) and email addresses, until May 2012

      * Keys for the bots until 2nd October 2012

      * Very old forum data until November 2010

      This intruder zipped the whole database and put it on buddymaster.com, the only domain still running on that server, where he deleted the dummy index.html so the folder structure would be clearly visible.

      We were informed by an online ticket 90 minutes ago, and we took down the link 60 minutes ago.

      Please be informed that sharing this zip is against the law; intruding into a system by SQL Injection is also against the law. We have no idea how many times the zip was downloaded. If any of you downloaded it, please delete it ASAP.

      As it is already midnight, we will proceed with repairing the damage tomorrow:

      * We will deliver a new key for each key created until 02 Oct 2012

      * Your buddyauth password is very secure as it is salted md5(md5), but if you feel insecure, please change it now (accounts created until 14 May 2012)

      * If you have not changed your Forum password since 04 November 2010, please do it now. Forum data that was taken is as old as 4th Nov 2010.

      * We will go through all log files to try to get any idea of who the intruder was and how he managed to exploit the old open source shop system (which is completely shut down now).

      We are very sorry for the incident, and also very angry, as we cannot do anything to get that data back. If you have any information about the intruder, please send us a ticket on support.thebuddyforum.com