You are for 0 more minute. [Reply] PegLeg {NI} [13410] 29 Nov 2023 9:03:28 pm | I know Hagar will take care of his players! | Likes: 0 | Akula [17929] 30 Nov 2023 5:55:31 am | Uummm, not a glitch To the hacker who hacked into Walk my Plank, I will find you. (Edit) No you won't Edited by Akula [17929], 30 Nov 2023 5:55:49 am | Likes: 0 | Hägar the Horrible [1] 30 Nov 2023 12:19:52 pm | Technically it wasn’t a hack. It was more an act of opportunistic vandalism.
Someone knew the login to a memorial account, possibly because the account username/password may have been used on multiple sites. Another likely way it was done was the “hacker” gained access to the memorials old email account and saw walk my plank in there, so they came here and did a password reset.
The problem then became my fault. Memorial accounts were never catered for in the original code so I added them on top of administrators. This gave them access to the in-game admin page which they then started to use to delete fleets/accounts etc.
I’m thankful that’s all they had access to, rather than the actual database. No account information has been compromised, and even though the passwords are hashed and salted (which means even I don’t know them), they could not access that info.
Memorial accounts have been changed to stop them from being able to be logged in to, so if I’m right about how it was done, It shouldn’t happen again. | Likes: 0 | Muirenn [Ni] [13616] 30 Nov 2023 1:45:55 pm | Wow! Great job of figuring all of that out!
Thanks Hagar! :) | Likes: 0 | breadman [retired] [13325] 30 Nov 2023 2:35:34 pm | I was curious on what happened... very interesting stuff.
| Likes: 0 | Akula [17929] 1 Dec 2023 6:21:49 pm | Thanks for being on top of things.
I used to fight hackers, but to be honest, sometimes it was fun. Only things that upset me were the DDoS attacks. Now days most are not a real problem.
OWASP | Likes: 0 |
|