Neocolours is down.
Sun Mar 06, 2005 7:39 pm
NeverEverNoSanity WebWorm generation 10.
From the Neocolours homepage.
Last edited by Axe on Fri Mar 11, 2005 12:11 pm, edited 3 times in total.
Sun Mar 06, 2005 7:40 pm
It's not a cookie grabber or anything, just a worm that effect PHP sites.
It uses google to hunt PHP sites, and hits them.
It uses google to hunt PHP sites, and hits them.
Last edited by Weewoo on Sun Mar 06, 2005 7:42 pm, edited 1 time in total.
Sun Mar 06, 2005 7:41 pm
Again?!
The same message happened a few months ago, then the forum was fried as well...was down for a while =/
Sun Mar 06, 2005 7:42 pm
I still think they were hacked, last time they were hacked, I saw something similar to this.
Just a fair warning.
Just a fair warning.
Sun Mar 06, 2005 7:46 pm
---
Last edited by Kalathalan on Fri Sep 16, 2022 1:19 am, edited 1 time in total.
Sun Mar 06, 2005 7:46 pm
I know that now. But there still *might* be a cookie grabber installed on it. Be careful.
Sun Mar 06, 2005 8:01 pm
It's not a cookie grabber, or my account would have been owned a few months ago. It just screws up the front page, but Neocolors still works the same past that.
This explains why te forum has been messed up for 2 days, THEN the site shows signs.
This explains why te forum has been messed up for 2 days, THEN the site shows signs.
Sun Mar 06, 2005 8:22 pm
If I'm remembering correctly then that worm is of the family that exploits a bug in older phpbb forums that deletes a whole lot of stuff replacing it with a "defaced" message....but it doesn't affect databases so all the data is still there *phew* But it's totally safe to view, the whole purpose of the worm is to destroy stuff, spread itself and to brag that it's there.
Unfortunately the forums also went down a few days before due to what looks like a problem with one of the tables in the database, and that'l only get fixed when the site owner returns...so that may take some time :/
Heh, I've been lurking here for ages and now that neocolours is down I've popped in here for a bit, I hope no one minds xD
Unfortunately the forums also went down a few days before due to what looks like a problem with one of the tables in the database, and that'l only get fixed when the site owner returns...so that may take some time :/
Heh, I've been lurking here for ages and now that neocolours is down I've popped in here for a bit, I hope no one minds xD
Sun Mar 06, 2005 8:35 pm
Trick wrote:If I'm remembering correctly then that worm is of the family that exploits a bug in older phpbb forums that deletes a whole lot of stuff replacing it with a "defaced" message....but it doesn't affect databases so all the data is still there *phew* But it's totally safe to view, the whole purpose of the worm is to destroy stuff, spread itself and to brag that it's there.
Unfortunately the forums also went down a few days before due to what looks like a problem with one of the tables in the database, and that'l only get fixed when the site owner returns...so that may take some time :/
Heh, I've been lurking here for ages and now that neocolours is down I've popped in here for a bit, I hope no one minds xD
I'm sure noone minds trick, and welcome to the forum, as the saying goes the more the eviller
...er merrier 
Sun Mar 06, 2005 9:09 pm
Yay, thanks x) I'll just have to restrict myself and not use too many of the fab smileys here 
heehee xD
heehee xD
Sun Mar 06, 2005 10:55 pm
Gah ...I went there a couple of times today and yesterday, but didn't really notice the little sign thing. Now I did.
I hope they find some sort of protection from this kind of thing.
*kicks the annoying worms*
I hope they find some sort of protection from this kind of thing.
*kicks the annoying worms*
Mon Mar 07, 2005 12:19 am
Whoever invented that stupid worm is a waste of atoms.
Also, they could have at least given it a grammatically correct name - negative concord is naughty! Hehe.
Also, they could have at least given it a grammatically correct name - negative concord is naughty! Hehe.
Mon Mar 07, 2005 4:55 am
All we need is for Sam, our site admin, to come back round and fix it. There isn't anyone else with access to the servers where it's stored. We do have a livejournal, if anyone wants to lurk, and temporary forums that even I forget exist.
http://www.livejournal.com/community/the_nc/
http://illuen.proboards22.com/index.cgi
http://www.livejournal.com/community/the_nc/
http://illuen.proboards22.com/index.cgi
Mon Mar 07, 2005 11:01 am
I don't mean to be rude or anything, but since the forums got hacked recently too, why didn't you patch the phpBB version you are using to fix the security holes that the hackers exploit?
I admin a large phpBB that was hacked around the same time neocolors was first hacked, and it was patched. I mod on another phpBB and that one was patched as well when I told the owner of the recent hackings. It's easy enough to prevent once you know about the security holes.
I admin a large phpBB that was hacked around the same time neocolors was first hacked, and it was patched. I mod on another phpBB and that one was patched as well when I told the owner of the recent hackings. It's easy enough to prevent once you know about the security holes.
Mon Mar 07, 2005 2:30 pm
It's because the site admin is kinda awol most of the time I think. The worm in question can only affect older versions of phpbb where it can exploit an old bug and on a shared server it only takes one site with the phpbb exploit open for all sites on the server to be attacked. The neocolours phpbb is several versions out of date and unmodded and while the forum admin and mods do a great job they don't have shell access or ftp access to upload the patch or modify the files.
Without the site admin there isn't much that can be done for the site =(
Without the site admin there isn't much that can be done for the site =(