That exact code wasn’t on my server, just something that downloaded a php shell with curl.
About super_, while he may have not been directly the person that did this (though he certainly could have been, all the evidence points to him), he admittedly knew this ‘kevin’ guy had admin access through Mopman’s account, and even had him change his name from slavemaster to veer. He claims he cares about the community, but if he really did, wouldn’t he have told someone right away?
well, from what i’ve gathered super_ is rather intelligent. why would he edit his own account for all those things? i’m sure he would be aware that it would set off a red flag. it seems more like something someone trying to frame super_ would do. then again, maybe he just didn’t care…
also, im with silab on the whole tx thing
edit:
[quote=“Moparisthebest, post:41, topic:414033”]That exact code wasn’t on my server, just something that downloaded a php shell with curl.
About super_, while he may have not been directly the person that did this (though he certainly could have been, all the evidence points to him), he admittedly knew this ‘kevin’ guy had admin access through Mopman’s account, and even had him change his name from slavemaster to veer. He claims he cares about the community, but if he really did, wouldn’t he have told someone right away?[/quote]
not necessarily, http://en.wikipedia.org/wiki/Trolley_problem & http://en.wikipedia.org/wiki/Omission_bias
Super is one of the few people on these boards that post anything semi Intelligent, Although I really don’t care for his personality I highly doubt he was directly involved in this attack and I will also say that I think he does care for the community and the question you would have to ask is why would he attack a site he obviously spends large amounts of time visiting.
In the same vein, why would he let somebody he knows is going to hack sites proxy through his box to do it, linking it to him?
He admits to this part, btw.
[quote=“cooper, post:42, topic:414033”][quote author=Moparisthebest link=topic=515997.msg3746687#msg3746687 date=1315757624]
About super_, while he may have not been directly the person that did this (though he certainly could have been, all the evidence points to him), he admittedly knew this ‘kevin’ guy had admin access through Mopman’s account, and even had him change his name from slavemaster to veer. He claims he cares about the community, but if he really did, wouldn’t he have told someone right away?
[/quote]
not necessarily, http://en.wikipedia.org/wiki/Trolley_problem & http://en.wikipedia.org/wiki/Omission_bias[/quote]
Trolley problem isn’t applicable, as telling me an admin pass was compromised wouldn’t have hurt anyone, would it?
@Ommision Bias, isn’t that saying I should judge him just as harshly as the guy who did it? I tend to agree.
[quote=“Mopman, post:44, topic:414033”][quote author=cooper link=topic=515997.msg3746751#msg3746751 date=1315760427]
well, from what i’ve gathered super_ is rather intelligent. why would he edit his own account for all those things? i’m sure he would be aware that it would set off a red flag. it seems more like something someone trying to frame super_ would do.
[/quote]
In the same vein, why would he let somebody he knows is going to hack sites proxy through his box to do it, linking it to him?
He admits to this part, btw.[/quote]
[quote=“Moparisthebest, post:45, topic:414033”][quote author=cooper link=topic=515997.msg3746751#msg3746751 date=1315760427]
not necessarily, http://en.wikipedia.org/wiki/Trolley_problem & http://en.wikipedia.org/wiki/Omission_bias
[/quote]
Trolley problem isn’t applicable, as telling me an admin pass was compromised wouldn’t have hurt anyone, would it?
@Ommision Bias, isn’t that saying I should judge him just as harshly as the guy who did it? I tend to agree.[/quote]
The way I see it, perhaps the consequence would be social. The demise of relationship with the hacker, or perhaps the feeling that he squealed/“tattled”. When I was in elementary school/as a child, there was a large negative social effect given to those who were considered “tattletales”. i know it’s a childish notion, but it was ingrained in many children, and even some adults do respond to such a thing.
I’m not saying that you should or shouldn’t judge him harshly, I’m staying (well, I’m meaning to stay :P) neutral about that. I’m more interested in the reasoning behind it, why he made the decision he made. Sorry if that caused confusion.
[anyways, what does super_ have to say about this? has anyone spoken to him?]
super_ didn’t ‘tattle’ or ‘snitch’ until I confronted him with irrefutable evidence that he was the one that did all of this. For all I know, he made up this ridiculous story about a ‘friend’ and a VPN.
[quote=“Moparisthebest, post:47, topic:414033”]super_ didn’t ‘tattle’ or ‘snitch’ until I confronted him with irrefutable evidence that he was the one that did all of this. For all I know, he made up this ridiculous story about a ‘friend’ and a VPN.[/quote] It is always a ridiculous story…a friend, a brother, a virus, I left my door open. Heard many, believed none. Meanwhile, seems that all our hard work for the past 7 years has been stolen. I am consulting our lawyers to see if it is a criminal offence and whether it is possible to legally nail the offenders.
That’s pretty messed up. I hope whoever stole it gets caught and prosecuted to the full extent of the law.
Mopar, I can only assume his VPN'' _must_ have logged the IP of hisfriend’’? That would help if he is telling the truth.
It’s just very confusing in general… we have the matching shells going into the different sites at the same time supposedly by different people, can’t be 100% sure of ANYTHING because of how easy it is to get proxies. Not to mention I don’t see why anyone besides TX would want to do anything to my site, considering it was me that had banned a few of the accounts he was evading on just a few days before this happened.
Fakawi, what was stolen?
Off T - Wizzup, what’s with your quotation marks?
This thread is full of way too much care.
If it was an anonymous hacking group you wouldn’t be able to do shit. So fix your vulnerabilities, accept your security was shit and move on.
What do you hope to achieve by pursuing this situation? If it was Super_ then he expects to be banned no doubt, in which case he already doesn’t give a shit - otherwise he’d have used a proxy.
The blind accusations are equally amusing. Idiots.
[quote=“Greeny, post:52, topic:414033”]This thread is full of way too much care.
If it was an anonymous hacking group you wouldn’t be able to do shit. So fix your vulnerabilities, accept your security was shit and move on.
What do you hope to achieve by pursuing this situation? If it was Super_ then he expects to be banned no doubt, in which case he already doesn’t give a shit - otherwise he’d have used a proxy.
The blind accusations are equally amusing. Idiots.[/quote]
There have been no blind accusations. We have/had equal reason to believe that it could have been either T__X, super_, or “kevin”. Also, there is obviously care here because most people with access to this section spend a lot of time on this site; so therefore we obviously care…
[quote=“Newty, post:53, topic:414033”][quote author=Greeny link=topic=515997.msg3748107#msg3748107 date=1315827997]
This thread is full of way too much care.
If it was an anonymous hacking group you wouldn’t be able to do shit. So fix your vulnerabilities, accept your security was shit and move on.
What do you hope to achieve by pursuing this situation? If it was Super_ then he expects to be banned no doubt, in which case he already doesn’t give a shit - otherwise he’d have used a proxy.
The blind accusations are equally amusing. Idiots.
[/quote]
There have been no blind accusations.[/quote]
Hahahaha.
Also, there is obviously care here because most people with access to this section spend a lot of time on this site; so therefore we obviously care..
And the site is here, working and in order. Please continue to justify this stupidity.
(super_ spent a lot of time on this site, so by your logic, he cares and therefore it was not him)
The site went down for at least a few hours while MITB was ‘investigating’ what happened. He also had to throw together a (another) hack that made all of us change our password. So there was time lost by all of us because of this.
I said “most people” and if it was indeed super_ then he must not fall within “most people”.
The site went down for at least a few hours while MITB was 'investigating' what happened. He also had to throw together a (another) hack that made all of us change our password. So there was time lost by all of us because of this.Hi, I'm new to this site or you must think I am to be telling me something I already fucking know. Completely irrelvant to what I said, in fact I could say the same thing again and it's still an adaquate response to your nonsense. So here goes;
And the site is here, working and in order. Please continue to justify this stupidity.
Also, you said “most people” in regard to this section not in regard to people caring for the site 
There is no evidence against anyone but super_ as far as I know so like I said stop making blind accusations and let’s just move the fuck on.
The fact you tried to justify investigating this because we all lost time is outrageous. The only person to lose time through it was Moparisthebest as he’s the poor sod who has to deal with it. Pretending you lost time too because you couldn’t surf a forum for a few hours is quite frankly sad and shows you have no appreciation or understanding for what Moparisthebest actually does.
If Moparisthebest wants to deal with it, it can be done through his means and with the help of law enforcement. None of you are going to do anything, your accusations are not going to help anything and discussing who you think did it without any significant evidence equally doesn’t help anything.
[quote=“Greeny, post:52, topic:414033”]This thread is full of way too much care.
If it was an anonymous hacking group you wouldn’t be able to do shit. So fix your vulnerabilities, accept your security was shit and move on.
What do you hope to achieve by pursuing this situation? If it was Super_ then he expects to be banned no doubt, in which case he already doesn’t give a shit - otherwise he’d have used a proxy.
The blind accusations are equally amusing. Idiots.[/quote]
If you had a community running for seven years, with over 65k members, 790k posts and 60k threads, you would care if your entire database was dumped. As for security, I can only say you probably don’t have a clue.
I can only assume your ``blind accusations’’ comment is a troll. As previously stated, super_ accessed both servers / sites with his own IP doing crap and admits to knowing about both the hacks. Regardless if he did it or not, he is an accomplice. I don’t see how this is a blind accusation if he admits to it himself.
So, you’re completely wrong by saying that there is no evidence against super_. He admitted to knowing about it and that the guy who did it - according to him owns an account on his vpn. You don’t have your facts straight, sir. As far as I know he also dumped the entire user table (or more) of MITB - how can you tell everyone to just move on? It’s a serious break in and offence. If anything your comment here is not required and you should move on if you just don’t care.
The only accusations in this thread have been followed up with evidence, it’s up to you to decide if that evidence is valid or not. But otherwise, I don’t see the blind accusations, just someone being a dickhead.
[quote=“Wizzup?, post:57, topic:414033”][quote author=Greeny link=topic=515997.msg3748107#msg3748107 date=1315827997]
This thread is full of way too much care.
If it was an anonymous hacking group you wouldn’t be able to do shit. So fix your vulnerabilities, accept your security was shit and move on.
What do you hope to achieve by pursuing this situation? If it was Super_ then he expects to be banned no doubt, in which case he already doesn’t give a shit - otherwise he’d have used a proxy.
The blind accusations are equally amusing. Idiots.
[/quote]
If you had a community running for seven years, with over 65k members, 790k posts and 60k threads, you would care if your entire database was dumped. As for security, I can only say you probably don’t have a clue.
I can only assume your ``blind accusations’’ comment is a troll. As previously stated, super_ accessed both servers / sites with his own IP doing crap and admits to knowing about both the hacks. Regardless if he did it or not, he is an accomplice. I don’t see how this is a blind accusation if he admits to it himself.
So, you’re completely wrong by saying that there is no evidence against super_. He admitted to knowing about it and that the guy who did it - according to him owns an account on his vpn. You don’t have your facts straight, sir. As far as I know he also dumped the entire user table (or more) of MITB - how can you tell everyone to just move on? It’s a serious break in and offence. If anything your comment here is not required and you should move on if you just don’t care.[/quote]
Read my above post where I said, and I quote;
“There is no evidence against anyone but super_ as far as I know”
So no, I am not completely wrong, you are, along with your inability to read.
The fact you then assume I know nothing about web server security is hilarious after saying you don’t make blind accusations. Way to prove your point. The fact you think the size of the database is in anyway related to the issue at hand also astounds me. Whether the compromised database was filled with 1 or 100,000 users the issue is still serious, the fact it’s already happened, already stolen and nothing you can do about it, this is why we “the users” should move on and leave Moparisthebest to deal with it accordingly. Since what can we do; if anything to help? As I’ve already said all you get is blind accusations which will deter him from the truth.
My comment is required because I said this is for Moparisthebest to deal with and does not need interference from a bunch of accusative forum users who comment without evidence. With regards to your own evidence from villavu this is indeed relevant and is between you and Moparisthebest to discuss, I did not even make a comment on that because I fully agree with your participation.
Here is an example of an unnecessary comment:
Where is the evidence for this T–X ?.. and all I see for this Kevin person is IRC logs, hardly evidence. Maybe you don’t understand the term, it wouldn’t surprise me, lately you’ve been jumping on disagreeing with any of my posts that you can, despite your complete lack of debating skills and shallow resort to insulting me each time I prove you wrong. Bitter much?
EDIT: The only comment I’ve made in this thread as far as a trolling is concerned is that first line about the “care” in my first post of this page. The rest was deadly serious. If you’re a person who believes an IP address is enough to stand as evidence in a court of law then you are rather sadly misinformed.
Now stop derailing the thread by arguing with my opinion on why you’re all nosy bastards and let him deal with it?.. or would anyone like to defend their right to post garbage accusations and evidence. I don’t care, I just wanted this thread to be a legible source of information for MITB regarding the hack, clearly you’d all rather chat about it like a bunch of school mums.
Here is an example of an unnecessary comment:
insulting me
Bawwwwww