• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Ubuntu forums got hacked..

Thatdad

Thatdad

Android Expert

Attachments

  • ubuntuhacked.jpg
    ubuntuhacked.jpg
    217.3 KB · Views: 104
Hahah... Wonder how long until the ubutuforums dictionary file is released. I'm curious about the vuln too. If it's an 0day, you'd think there'd be some more... lucrative targets.

Color me curious.


Edit:

Supposedly from the hacker: http://www.twitlonger.com/show/n_1rlft0d
Sounds like there is no real harm. If you trust him (or her ;)). No plans to release the database. Passwords are encrypted with the default vBulletin scheme, which seems to be decent. Two rounds of md5 with a salt thrown in for good measure. I wish his tweet would have said how he got in though.

E2: Okay, last edit (I hope). Sounds like the salt added to the password might have only been three characters. :eek: Hmm.. I wonder what the userbase for ubuntuforums.org was..?
 
9to5cynic said:
Hahah... Wonder how long until the ubutuforums dictionary file is released. I'm curious about the vuln too. If it's an 0day, you'd think there'd be some more... lucrative targets.

Color me curious.


Edit:

Supposedly from the hacker: TwitLonger — When you talk too much for Twitter
Sounds like there is no real harm. If you trust him (or her ;)). No plans to release the database. Passwords are encrypted with the default vBulletin scheme, which seems to be decent. Two rounds of md5 with a salt thrown in for good measure. I wish his tweet would have said how he got in though.

E2: Okay, last edit (I hope). Sounds like the salt added to the password might have only been three characters. :eek: Hmm.. I wonder what the userbase for ubuntuforums.org was..?
Click to expand...

I don't know lol. Hopefully the hackers to true his/her words. This will be the buzz around ubuntuforums for a while and I'm sure there will be a few stickies LOL
 
ss1992 said:
So I was trying to follow a url link and it came up with this.. http://ubuntuforums.org/announce.html?t=1591308
Click to expand...
Yeah, they notified me via e-mail, even though I haven't been active over there for a good while. (I got tired of being treated like we were all in Kindergarten: "Now, now, let's not post DANGEROUS things like how to enable root logins! Clueless noobs might wipe their drives accidentally!" :rolleyes:)

Came as a shocker to me somewhat. :confused:
Click to expand...
I'm guessing, but have no way to prove, that it involved an inside job.

I bet a bunch of Ubuntu noobies are tripping right now! No help! :p
Click to expand...
No, there's still plenty of help available. From the "we're down" page:

If you're using Ubuntu and need technical support please see the following page for support:

Finding Help.

If you're looking for a place to discuss Ubuntu, in the meantime we encourage you to check out these sites:

The Ubuntu subreddit
The Ubuntu Community on Google+
Ubuntu Discourse
Click to expand...

Thoughts anyone?
Click to expand...
Um...someone(s) fell down on the job?
 
You must log in or register to reply here.
Back
Top Bottom