Page 1 of 2 12 LastLast
Results 1 to 25 of 26

Thread: SQL Exploit Attack?

  1. #1
    Founder's Club Member
    Join Date
    Nov 2009
    Location
    Greensboro, North Carolina, USA
    Posts
    1,052

    Post imported post

    Welcome back OCDO member's.

    What the frack happened?

    Or was I the only poor-kid that couldn't get to this site from two different computers... I was getting worried.

  2. #2
    Banned
    Join Date
    Jun 2009
    Location
    across Death's Door on Washington Island, Wisconsin, USA
    Posts
    2,382

    Post imported post

    Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.

  3. #3
    Regular Member
    Join Date
    Dec 2009
    Location
    , ,
    Posts
    379

    Post imported post

    I don't know a lot about mysql, but I am an Oracle DBA. It didn't look like it was a traffic issue, it looked like a db crash to me. Could have been a data file corrupted, disk issues, a backup that went south... etc. It didn't look like an attack to me though.

  4. #4
    Regular Member
    Join Date
    Oct 2008
    Location
    Fallon, Nevada, USA
    Posts
    5,580

    Post imported post

    It sure completely took it down. Looked like a database failure.
    "Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety." Benjamin Franklin

  5. #5
    Banned
    Join Date
    Jun 2009
    Location
    across Death's Door on Washington Island, Wisconsin, USA
    Posts
    2,382

    Post imported post

    Yep, it sure did! Why I remember the last time...

  6. #6
    Regular Member zoom6zoom's Avatar
    Join Date
    Jun 2006
    Location
    Dale City, VA, Virginia, USA
    Posts
    1,694

    Post imported post

    I figured it was a mywowbb issue since vaguntrader was down with almost the same error message.

  7. #7
    Regular Member
    Join Date
    Jun 2009
    Location
    Las Vegas, NV
    Posts
    1,140

    Post imported post

    Actually he is correct, there is simple exploits with DOS attacks that can kill the SQL database. The message given was just a SQL error return, not something left by the owners.



    Master Doug Huffman wrote:
    Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.

  8. #8
    Regular Member
    Join Date
    Mar 2009
    Location
    Gloucester, Virginia, USA
    Posts
    629

    Post imported post

    Yes, but the vaguntrader site is still down. Leading me to believe this was coordinated, would not be the first time. Either way, glad we are bak up here!

  9. #9
    Campaign Veteran deepdiver's Avatar
    Join Date
    Apr 2007
    Location
    Southeast, Missouri, USA
    Posts
    5,974

    Post imported post

    I did read but did not understand the error message beyond that there was a SQL error of some type. On the one hand we have had such crashes before which has led to many of us lament wowBB. On the other hand I questioned the timing as the apparent crash comes just as this site is getting national exposure from the Starbucks matter.

    Hopefully Mike or John will chime in and let us know if this was the result of just another wowBB crash or if this was the result of some type of attack on the site.
    Bob Owens @ Bearing Arms (paraphrased): "These people aren't against violence; they're very much in favor of violence. They're against armed resistance."

  10. #10
    Regular Member
    Join Date
    Mar 2009
    Location
    Richmond, Virginia, USA
    Posts
    32

    Post imported post

    If it was an attack I would not not be even slightly surprised. Attacking of forums between different parties has been going since the days of the good old BBS back in the middle 90's.

    Welcome to the internet!

  11. #11
    Founder's Club Member
    Join Date
    Nov 2009
    Location
    Greensboro, North Carolina, USA
    Posts
    1,052

    Post imported post

    Master Doug Huffman wrote:
    Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.
    It was partially a joke but I did mean some truth to the possibility, I am no fool when it comes to security exploitsof databases and operating systems. Denial of Service attacks in each case serve, specifically, to crash it's target, however, in no way was I blaming a specific cause, hence why I asked the question.

  12. #12
    Regular Member Dreamer's Avatar
    Join Date
    Sep 2009
    Location
    Grennsboro NC
    Posts
    5,358

    Post imported post

    If anyone is even slightly doubtful that we are constantly under surveillance and attack, write a PM to the Site Owners, and ask them point blank if there have ever been any "troublesome" members with hinky originating IP addresses, like the UN headquarters in NY (found during investigations into the LAST time the site went down...)

    Cass Sunstein has been publishing papers for years saying that he believes that the Government should use ANY MEANS NECESSARY to shut down dissent, including infiltration, disinformation and agent provocateurs. All you need to do is research his scholarly writings. They have been published by such fringy, wacko organizations as the Harvard Law School an the Chicago School of Law. And this "left wing radical conspiracist" is a Cabinet-level official in the current administration. If he was writing about these plans in 2008, you better BELIEVE they have been gearing up to implement them for at least as long.

    When the current administration talks about "shovel ready projects" what they are REALLY talking about is the shovel-fulls of BS and mud they are going to sling at their opponents and dissenters, and they have been planning to "hit the ground running" with these operations since BEFORE the election, rest assured...

    No tinfoil hats here--I just believe it is valuable to identify, know and understand the tactics of "the other side".

    When they do it in front of our faces and admit to it in published writings, it's NOT a conspiracy "theory"--it's brazen elitist tyranny in fact...
    It is our cause to dispel the foggy thinking which avoids hard decisions in the delusion that a world of conflict will somehow mysteriously resolve itself into a world of harmony, if we just don't rock the boat or irritate the forces of aggression—and this is hogwash."
    --Barry Goldwater, 1964

  13. #13
    Regular Member
    Join Date
    Aug 2009
    Location
    Portsmouth, Virginia, USA
    Posts
    463

    Post imported post

    tekshogun wrote:
    Master Doug Huffman wrote:
    Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.
    It was partially a joke but I did mean some truth to the possibility, I am no fool when it comes to security exploitsof databases and operating systems. Denial of Service attacks in each case serve, specifically, to crash it's target, however, in no way was I blaming a specific cause, hence why I asked the question.
    More than likely it wasn't a classicdenial of service (DOS) attack...as we could get to this site. But, once we got to the site, the database server had no idea what to do with the requests so it generated the error message...probably a "SQL Injection" attack to screw up the database...which does have the same end result as a DOS attack...making the system unavailable...but, the classic DOS attack inundates the system with more requests for pages from the web server than it can handle. I'm a database programmer for the Army...I've had some experience with SQL Injection attacks on web sites I've designed for the Army.

  14. #14
    Regular Member okboomer's Avatar
    Join Date
    Oct 2009
    Location
    Oklahoma, USA
    Posts
    1,164

    Post imported post

    And, actually there were two error messages ... when trying to enter the forum through opencarry.org I would see a simple databaseunable to parseerror, when trying to enter the forum through a link to a thread I was following, the crash error said the whole database was corrupted.

    The timing is certainly suggestive, but could it have come from so many trying to access the forum due to the publicity?

    Of course, you know what they say about paranoia?
    cheers - okboomer
    ~~~~~~~~~~~~~~~~~~~~~~
    Lead, follow, or get out of the way

    Exercising my 2A Rights does NOT make me a CRIMINAL! Infringing on the exercise of those rights makes YOU one!

  15. #15
    Regular Member
    Join Date
    Jun 2009
    Location
    Las Vegas, NV
    Posts
    1,140

    Post imported post

    Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

    It would be very easy for someone who was anti-gun to crash it, with just a little smarts.

  16. #16
    Founder's Club Member Brass Magnet's Avatar
    Join Date
    Apr 2009
    Location
    Right Behind You!, Wisconsin, USA
    Posts
    2,818

    Post imported post

    Pace wrote:
    Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

    It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
    It may have not even been anyone with a gun agenda. The forums on my website get screwed at least once or twice a year from some eastern block european script kiddies. One time they even posted a picture and a big message "hacked by blah blah blah" To put it in perspective, my forums have like 100 members; so they did it just for the heck of it.

    I just make sure to have a good backup and toss it back up there.




    R[ƎVO˩]UTION

    ΜΟΛΩΝ ΛΑΒΕ

    Lex malla, lex nulla

  17. #17
    Regular Member
    Join Date
    Oct 2008
    Location
    Randolph County, Alabama, USA
    Posts
    58

    Post imported post

    Pace wrote:
    Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

    It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
    this right here is the only problem with this theory

  18. #18
    Moderator / Administrator Grapeshot's Avatar
    Join Date
    May 2006
    Location
    North Chesterfield, Va.
    Posts
    34,622

    Post imported post

    For what its worth - The most users ever online was 1030 on Thu Mar 4th, 2010.

    This from the bottom of the main forum page.

    A majority of those online are generally "guests" (not "registered") who cannot post or reply.

    Yata hey
    You will not rise to the occasion; you will fall back on your level of training.” Archilochus, 650 BC

    Old and treacherous will beat young and skilled every time. Yata hey.

  19. #19
    Regular Member
    Join Date
    Aug 2009
    Location
    Portsmouth, Virginia, USA
    Posts
    463

    Post imported post

    Pace wrote:
    Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

    It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
    Stranger things have happened. The Hacker's mantra is "If at first you don't succeed, try try again." They have a litany list of tools, mostly freely available on the Internet,that seek out vulnerabilitiesand try to exploit them...seeing as how Apache, the web server thissite runs on, and MySQL, the database server this site runs on, are public domain software...or actually GNU licensed, which means the source code is freely available to the public...those vulnerabilities are even easier to discover.

  20. #20
    Regular Member
    Join Date
    Mar 2010
    Location
    Kenai Pensula, Alaska, USA
    Posts
    57

    Post imported post

    fully_armed_biker wrote:
    Pace wrote:
    Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

    It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
    Stranger things have happened. The Hacker's mantra is "If at first you don't succeed, try try again." They have a litany list of tools, mostly freely available on the Internet,that seek out vulnerabilitiesand try to exploit them...seeing as how Apache, the web server thissite runs on, and MySQL, the database server this site runs on, are public domain software...or actually GNU licensed, which means the source code is freely available to the public...those vulnerabilities are even easier to discover.
    One -- the admins need to turn off the error messages so if it happens again, the error message wont show publically but only in their private logs.

    Two -- downloading tools to "hack" a site is calling using scripts which makes them script kiddies not hackers. Hackers write their own code and dont use scripts.

    Three -- Just because they use a proxy -- suspecious IP addy -- doesnt automatically make them a script kiddie, but maybe someone from a country or company where this site is on the ban list due to it speaking of guns and that is how they get around that ban.


    That all said.. I am glad it is back.

  21. #21
    Regular Member
    Join Date
    Sep 2009
    Location
    Richmond, VA
    Posts
    1,415

    Post imported post

    CarryOpen wrote:
    I don't know a lot about mysql, but I am an Oracle DBA. It didn't look like it was a traffic issue, it looked like a db crash to me. Could have been a data file corrupted, disk issues, a backup that went south... etc. It didn't look like an attack to me though.
    I am a network engineer, and this is the same conclusion I would have come to. It was clear that it was unable, for whatever reason, to contact the Database for queries.

    There are a ton of exploits for DoS'ing databases, unfortunately.

    If you guys need any help with troubleshooting what happened I would be happy to offer my services at no fee. I am suspecting a request flood to the DB, or the segment where it was hosted was entirely DoS'd.
    Quote Originally Posted by Beretta92FSLady View Post
    Personal responsibility is a facade created by religious people in particular...
    On "Personal Responsibility just after the previous, in the same exact thread.
    Quote Originally Posted by Beretta92FSLady View Post
    Religion uses is as a tool, they did not create it.
    The wheels on the bus go round and round...round and round.

    Quote Originally Posted by Beretta92FSLady View Post
    You think that I am ill-equipped...hit me with your best shot Einstein, I am calling you out.


    Quote Originally Posted by Beretta92FSLady View Post
    Free will is only slightly a conscious exercise...

  22. #22
    Regular Member TFred's Avatar
    Join Date
    Oct 2008
    Location
    Most historic town in, Virginia, USA
    Posts
    7,705

    Post imported post

    fully_armed_biker wrote:
    Stranger things have happened. The Hacker's mantra is "If at first you don't succeed, try try again." They have a litany list of tools, mostly freely available on the Internet,that seek out vulnerabilitiesand try to exploit them...seeing as how Apache, the web server thissite runs on, and MySQL, the database server this site runs on, are public domain software...or actually GNU licensed, which means the source code is freely available to the public...those vulnerabilities are even easier to discover.
    And that also makes them much more likely to be discovered and fixed. Even the DoD, which long resisted open source, has climbed aboard.

    And besides... shouldn't a forum about open carry also use open source software?

    TFred


  23. #23
    Banned
    Join Date
    Jun 2009
    Location
    across Death's Door on Washington Island, Wisconsin, USA
    Posts
    2,382

    Post imported post

    I notice that the administrator has not said much.

  24. #24
    Regular Member Dreamer's Avatar
    Join Date
    Sep 2009
    Location
    Grennsboro NC
    Posts
    5,358

    Post imported post

    Maybe they've been advised to "neither confirm nor deny"...
    It is our cause to dispel the foggy thinking which avoids hard decisions in the delusion that a world of conflict will somehow mysteriously resolve itself into a world of harmony, if we just don't rock the boat or irritate the forces of aggression—and this is hogwash."
    --Barry Goldwater, 1964

  25. #25
    Campaign Veteran
    Join Date
    Aug 2009
    Location
    Huntsville, AL, ,
    Posts
    181

    Post imported post

    It looks like some recent threads were lost, too. I was just looking for something I recently posted in reply to a new user and it appears to be missing.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •