• We are now running on a new, and hopefully much-improved, server. In addition we are also on new forum software. Any move entails a lot of technical details and I suspect we will encounter a few issues as the new server goes live. Please be patient with us. It will be worth it! :) Please help by posting all issues here.
  • The forum will be down for about an hour this weekend for maintenance. I apologize for the inconvenience.
  • If you are having trouble seeing the forum then you may need to clear your browser's DNS cache. Click here for instructions on how to do that
  • Please review the Forum Rules frequently as we are constantly trying to improve the forum for our members and visitors.

SQL Exploit Attack?

tekshogun

Founder's Club Member
Joined
Nov 17, 2009
Messages
1,052
Location
Greensboro, North Carolina, USA
imported post

Welcome back OCDO member's.

What the frack happened?

Or was I the only poor-kid that couldn't get to this site from two different computers... I was getting worried.
 

CarryOpen

Regular Member
Joined
Dec 30, 2009
Messages
379
Location
, ,
imported post

I don't know a lot about mysql, but I am an Oracle DBA. It didn't look like it was a traffic issue, it looked like a db crash to me. Could have been a data file corrupted, disk issues, a backup that went south... etc. It didn't look like an attack to me though.
 

Pace

Regular Member
Joined
Jun 2, 2009
Messages
1,140
Location
Las Vegas, NV
imported post

Actually he is correct, there is simple exploits with DOS attacks that can kill the SQL database. The message given was just a SQL error return, not something left by the owners.



Master Doug Huffman wrote:
Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.
 

Pagan

Regular Member
Joined
Mar 5, 2009
Messages
629
Location
Gloucester, Virginia, USA
imported post

Yes, but the vaguntrader site is still down. Leading me to believe this was coordinated, would not be the first time. Either way, glad we are bak up here!
 

deepdiver

Campaign Veteran
Joined
Apr 2, 2007
Messages
5,820
Location
Southeast, Missouri, USA
imported post

I did read but did not understand the error message beyond that there was a SQL error of some type. On the one hand we have had such crashes before which has led to many of us lament wowBB. On the other hand I questioned the timing as the apparent crash comes just as this site is getting national exposure from the Starbucks matter.

Hopefully Mike or John will chime in and let us know if this was the result of just another wowBB crash or if this was the result of some type of attack on the site.
 

frenchdl

Regular Member
Joined
Mar 15, 2009
Messages
32
Location
Richmond, Virginia, USA
imported post

If it was an attack I would not not be even slightly surprised. Attacking of forums between different parties has been going since the days of the good old BBS back in the middle 90's.

Welcome to the internet! ;)
 

tekshogun

Founder's Club Member
Joined
Nov 17, 2009
Messages
1,052
Location
Greensboro, North Carolina, USA
imported post

Master Doug Huffman wrote:
Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.

It was partially a joke but I did mean some truth to the possibility, I am no fool when it comes to security exploitsof databases and operating systems. Denial of Service attacks in each case serve, specifically, to crash it's target, however, in no way was I blaming a specific cause, hence why I asked the question.
 

Dreamer

Regular Member
Joined
Sep 23, 2009
Messages
5,360
Location
Grennsboro NC
imported post

If anyone is even slightly doubtful that we are constantly under surveillance and attack, write a PM to the Site Owners, and ask them point blank if there have ever been any "troublesome" members with hinky originating IP addresses, like the UN headquarters in NY (found during investigations into the LAST time the site went down...)

Cass Sunstein has been publishing papers for years saying that he believes that the Government should use ANY MEANS NECESSARY to shut down dissent, including infiltration, disinformation and agent provocateurs. All you need to do is research his scholarly writings. They have been published by such fringy, wacko organizations as the Harvard Law School an the Chicago School of Law. And this "left wing radical conspiracist" is a Cabinet-level official in the current administration. If he was writing about these plans in 2008, you better BELIEVE they have been gearing up to implement them for at least as long.

When the current administration talks about "shovel ready projects" what they are REALLY talking about is the shovel-fulls of BS and mud they are going to sling at their opponents and dissenters, and they have been planning to "hit the ground running" with these operations since BEFORE the election, rest assured...

No tinfoil hats here--I just believe it is valuable to identify, know and understand the tactics of "the other side".

When they do it in front of our faces and admit to it in published writings, it's NOT a conspiracy "theory"--it's brazen elitist tyranny in fact...
 

fully_armed_biker

Regular Member
Joined
Aug 27, 2009
Messages
463
Location
Portsmouth, Virginia, USA
imported post

tekshogun wrote:
Master Doug Huffman wrote:
Did you read and understand the error messages ("...marked as crashed. Try to fix it.")? Did you use a third party site like downforme? Loosen your tinfoil beanie, space cadet, there has been an increase in mywowbb traffic.

It was partially a joke but I did mean some truth to the possibility, I am no fool when it comes to security exploitsof databases and operating systems. Denial of Service attacks in each case serve, specifically, to crash it's target, however, in no way was I blaming a specific cause, hence why I asked the question.
More than likely it wasn't a classicdenial of service (DOS) attack...as we could get to this site. But, once we got to the site, the database server had no idea what to do with the requests so it generated the error message...probably a "SQL Injection" attack to screw up the database...which does have the same end result as a DOS attack...making the system unavailable...but, the classic DOS attack inundates the system with more requests for pages from the web server than it can handle. I'm a database programmer for the Army...I've had some experience with SQL Injection attacks on web sites I've designed for the Army.
 

okboomer

Regular Member
Joined
Oct 18, 2009
Messages
1,164
Location
Oklahoma, USA
imported post

And, actually there were two error messages ... when trying to enter the forum through opencarry.org I would see a simple databaseunable to parseerror, when trying to enter the forum through a link to a thread I was following, the crash error said the whole database was corrupted.

The timing is certainly suggestive, but could it have come from so many trying to access the forum due to the publicity?

Of course, you know what they say about paranoia?
 

Pace

Regular Member
Joined
Jun 2, 2009
Messages
1,140
Location
Las Vegas, NV
imported post

Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
 

Brass Magnet

Founder's Club Member
Joined
Apr 23, 2009
Messages
2,818
Location
Right Behind You!, Wisconsin, USA
imported post

Pace wrote:
Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

It would be very easy for someone who was anti-gun to crash it, with just a little smarts.

It may have not even been anyone with a gun agenda. The forums on my website get screwed at least once or twice a year from some eastern block european script kiddies. One time they even posted a picture and a big message "hacked by blah blah blah" To put it in perspective, my forums have like 100 members; so they did it just for the heck of it.

I just make sure to have a good backup and toss it back up there.
 

Theguy

Regular Member
Joined
Oct 13, 2008
Messages
58
Location
Randolph County, Alabama, USA
imported post

Pace wrote:
Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

It would be very easy for someone who was anti-gun to crash it, with just a little smarts.

this right here is the only problem with this theory
 

Grapeshot

Legendary Warrior
Joined
May 21, 2006
Messages
35,317
Location
Valhalla
imported post

For what its worth - The most users ever online was 1030 on Thu Mar 4th, 2010.

This from the bottom of the main forum page.

A majority of those online are generally "guests" (not "registered") who cannot post or reply.

Yata hey
 

fully_armed_biker

Regular Member
Joined
Aug 27, 2009
Messages
463
Location
Portsmouth, Virginia, USA
imported post

Pace wrote:
Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
Stranger things have happened. The Hacker's mantra is "If at first you don't succeed, try try again." They have a litany list of tools, mostly freely available on the Internet,that seek out vulnerabilitiesand try to exploit them...seeing as how Apache, the web server thissite runs on, and MySQL, the database server this site runs on, are public domain software...or actually GNU licensed, which means the source code is freely available to the public...those vulnerabilities are even easier to discover.
 

Archsgurl

Regular Member
Joined
Mar 3, 2010
Messages
57
Location
Kenai Pensula, Alaska, USA
imported post

fully_armed_biker wrote:
Pace wrote:
Unless the code is really, really poorly written, I dont see why too many users would crash it in that way. It's very possible there was something else going on.

It would be very easy for someone who was anti-gun to crash it, with just a little smarts.
Stranger things have happened. The Hacker's mantra is "If at first you don't succeed, try try again." They have a litany list of tools, mostly freely available on the Internet,that seek out vulnerabilitiesand try to exploit them...seeing as how Apache, the web server thissite runs on, and MySQL, the database server this site runs on, are public domain software...or actually GNU licensed, which means the source code is freely available to the public...those vulnerabilities are even easier to discover.

One -- the admins need to turn off the error messages so if it happens again, the error message wont show publically but only in their private logs.

Two -- downloading tools to "hack" a site is calling using scripts which makes them script kiddies not hackers. Hackers write their own code and dont use scripts.

Three -- Just because they use a proxy -- suspecious IP addy -- doesnt automatically make them a script kiddie, but maybe someone from a country or company where this site is on the ban list due to it speaking of guns and that is how they get around that ban.


That all said.. I am glad it is back. :D:D
 
Top