Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 06-14-2006, 08:58 PM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default How can they be so dumb??

Serisously, so like this site who i am not going to name or give the address to, is moving their server, or something. Anyway their webroot lacks a index file. Guess what else is inside their web root.


If you guesed backups of their database you would be correct. Now every joe schmoe probably has my email address, and all other information that the vBulletin database store, and can/will use it to spam or whatever else. Top that off with they left their advertisment database there to, probably contains some CC # or other payment information. I'd imagine every visitor to their site, now has a copy of their database and all the information it contained from hidden forums, private messages..freaking everything :lol:

Sucks to be them. /rant


cliff notes:
Guys moving server -> leaves db backup in webroot -> anyone can download it and restore...
Reply With Quote
  #2  
Old 06-14-2006, 09:25 PM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So be a nice guy and fire off an email.
Reply With Quote
  #3  
Old 06-14-2006, 10:12 PM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Tried to contact them, but no dice.

their forum came back online and i let them know it was still there, and they gave me a dipstick response telling me to go pound salt. I hope bad things are done with it now

:karma:
Reply With Quote
  #4  
Old 06-14-2006, 10:22 PM
Reeve of shinra's Avatar
Reeve of shinra Reeve of shinra is offline
 
Join Date: Oct 2001
Location: NYC
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

whats the url to the backups? I'm sure some kindly citizen will alert users that thier cc info became freely available.
Reply With Quote
  #5  
Old 06-14-2006, 11:07 PM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Im sure they would. But i try to be a better ePerson than that
Reply With Quote
  #6  
Old 06-15-2006, 01:49 PM
sambah sambah is offline
 
Join Date: May 2006
Posts: 67
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Ntfu2
Serisously, so like this site who i am not going to name or give the address to, is moving their server, or something. Anyway their webroot lacks a index file. Guess what else is inside their web root.


If you guesed backups of their database you would be correct. Now every joe schmoe probably has my email address, and all other information that the vBulletin database store, and can/will use it to spam or whatever else. Top that off with they left their advertisment database there to, probably contains some CC # or other payment information. I'd imagine every visitor to their site, now has a copy of their database and all the information it contained from hidden forums, private messages..freaking everything :lol:

Sucks to be them. /rant


cliff notes:
Guys moving server -> leaves db backup in webroot -> anyone can download it and restore...
If any financial data has been left there you should contact the FBI or relevant authority.
Reply With Quote
  #7  
Old 06-15-2006, 01:55 PM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by sambah
If any financial data has been left there you should contact the FBI or relevant authority.
He wouldn't know if any financial data is in the exposed backups unless he himself downloaded and reviewed them.
Reply With Quote
  #8  
Old 06-15-2006, 02:17 PM
sambah sambah is offline
 
Join Date: May 2006
Posts: 67
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

good point

view the files as text and do a find for 16 digit numbers or summit?
Reply With Quote
  #9  
Old 06-15-2006, 10:48 PM
Freesteyelz's Avatar
Freesteyelz Freesteyelz is offline
 
Join Date: Jan 2006
Posts: 1,552
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why would you leave the CC on the same DB as your site/forum? It should be located off-site if anything.
Reply With Quote
  #10  
Old 06-16-2006, 12:45 AM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You'd think,

it was a seperate DB i'd assume, one was named advertise, the other dbforumbu
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:12 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04811 seconds
  • Memory Usage 2,247KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete