Um, hi. Hate for this to be my first post here, but it's pretty much all I have left to turn to. ^^' I'm not sure if any of you have ever heard of a hacker by the name of Hailstorm who goes around breaking into Invisionfree boards, but I have reason to believe he's targeting my board next. I'm not going to give out any links, except to his forum so that perhaps you could help me to determine his method of intrusion. This (http://z11.invisionfree.com/Domain_0/index.php?act=idx) is his board, as you can see, all the redirect forums in the category "Domain" are to boards he has hacked into. Generally what he does is obtain a root admin account, de-admin or de-mod all staff members, and hide all categories and forums. He then changes the banner and makes a new category visible to all, explaining that he has taken over the board. And since I have reason to believe I am his next target, I would greatly appreciate any help or advice that could be offered in protecting my board. I know that Invisionfree is supposedly secure, but then there would be no way to explain the 22 boards he has hacked thus far. (22nd isn't on his site yet.) Thank you for reading this, and thank you for any suggestions or insight you may have to offer.

Invisionfree is updated on all servers, so there's no reason to think that these people don't patch their versions.

I would say that the only method I can think of is brute-forcing the passwords, or social engineering the admin to give the password away.

Invisionfree is updated on all servers, so there's no reason to think that these people don't patch their versions.

I would say that the only method I can think of is brute-forcing the passwords, or social engineering the admin to give the password away.

Okay. It wouldn't be the latter, as I discussed that with the last person he hacked into. So is there any way to prevent brute-forcing the passwords? (^^' Heh, sorry if that's a n00bish question...)

Rules for passwords:

1. Don't use ANY word that can be found in the dictionary
2. Use at least 2 numbers
3. If possible, use wierd characters (#,@,&,*, etc.)
4. Don't make it anything that can be dangerous to your personal life (i.e. your real name, last 4 digits of SSN, etc.)

I've also heard that some brute-forcing methods cannot detect certain ALT characters. Is there any truth to this?

Um, hi. Hate for this to be my first post here, but it's pretty much all I have left to turn to. ^^' I'm not sure if any of you have ever heard of a hacker by the name of Hailstorm who goes around breaking into Invisionfree boards, but I have reason to believe he's targeting my board next. I'm not going to give out any links, except to his forum so that perhaps you could help me to determine his method of intrusion. This (http://z11.invisionfree.com/Domain_0/index.php?act=idx) is his board, as you can see, all the redirect forums in the category "Domain" are to boards he has hacked into. Generally what he does is obtain a root admin account, de-admin or de-mod all staff members, and hide all categories and forums. He then changes the banner and makes a new category visible to all, explaining that he has taken over the board. And since I have reason to believe I am his next target, I would greatly appreciate any help or advice that could be offered in protecting my board. I know that Invisionfree is supposedly secure, but then there would be no way to explain the 22 boards he has hacked thus far. (22nd isn't on his site yet.) Thank you for reading this, and thank you for any suggestions or insight you may have to offer.

Wow, what a lame idiot. Script-kiddies like him are despised by even most black-hats -- what's the point of random destruction without any personal gain? I think I speak for everyone when I say we have zero respect for him, even though he's probably doing this for his own ego.

Posting personal information is against the rules, but we need some clarification on whether web-addresses are included in this. You may have to remove it.


I'm not sure if any of you have ever heard of a hacker by the name of Hailstorm

No, but I don't associate with script-kiddies.


And since I have reason to believe I am his next target, I would greatly appreciate any help or advice that could be offered in protecting my board. I know that Invisionfree is supposedly secure, but then there would be no way to explain the 22 boards he has hacked thus far. (22nd isn't on his site yet.) Thank you for reading this, and thank you for any suggestions or insight you may have to offer.

One possibility is that he found a way to exploit either the Invisionfree infrastructure or the IPB forum scripts. Both are unlikely, but a XSS flaw could (although unlikely ) exist in IPB. Not that much of a risk though, because you have to open a PM, read a thread, click a link or any other similar action to put yourself at risk to losing your cookies via this.

Most likely is that he uses social engineering techniques and/or phishing to obtain passwords. Don't believe e-mails or any other messages you receive supposedly from people related to Invisionfree or your board, and don't click a single link. I doubt he's using anything creative or particularly skilled to do this.


So is there any way to prevent brute-forcing the passwords?

I'd be very surprised if IPB didn't prevent brute-forcing through lockout periods. Even if they didn't, a bored script-kiddy isn't going to waste that much time chasing after one forum password that is of little value to him.

Alright, he just broke into another member's account and posted a thread like this, with each new quote being a seperate post. I banned the member account and all the IPs, but it's a rotating proxy so it doesn't do much good.


Soon, All of ur base are belong to me.

This account has been taken by Hailstorm.


/Hailstorm\

Extraction successful, exploit is functional again.

This site is mine, real soon.


/Hailstorm\

Decoding in process.


/Hailstorm\

Root admin's hash is undergoing cracking. Estimated time, 3-4 hours.

/Hailstorm\

Porn virus's uploaded.



/Hailstorm\

Passwords of other admins now being extracted.


/Hailstorm\

...? I have no idea what he's talking about, but my members are freaking out and I don't know if his threat is real or if he's just trying to scare us.

He's joking, there's no way he can upload a virus to anyone, and that first quote "all your base are belong to us" is from an old video game.

I would like to know how he's decrypting admin hashes, when nobody using Invisionfree has access to them, not even board admins. To do that, he'd have to have access to Invisionfree's root servers, and an idiot like him with that kind of power would've already screwed millions of boards.

I'm putting my money on guessing easy passwords.

He's joking, there's no way he can upload a virus to anyone, and that first quote "all your base are belong to us" is from an old video game.

I would like to know how he's decrypting admin hashes, when nobody using Invisionfree has access to them, not even board admins. To do that, he'd have to have access to Invisionfree's root servers, and an idiot like him with that kind of power would've already screwed millions of boards.

I'm putting my money on guessing easy passwords.
XP Knew the part about the video game. But really? All that crap he was spouting was impossible? That really does make me feel a lot better, thanks. ^^' Like I said, I'm no hacker, so all this terminology makes my head spin.

kind of hysterical hes using an invision board himself, isnt it?

Alright, he just broke into another member's account and posted a thread like this, with each new quote being a seperate post. I banned the member account and all the IPs, but it's a rotating proxy so it doesn't do much good.

Hasn't he got anything better to do?


...? I have no idea what he's talking about, but my members are freaking out and I don't know if his threat is real or if he's just trying to scare us.

Sounds like technobabble (http://en.wikipedia.org/wiki/Technobabble).


You don't 'decode' passwords, you crack the hashes (if you have them) which takes longer than 3-4 hours on all but the most basic.


Porn viruses? Apart from the fact that that doesn't make sense, you can't upload anything to Invisionfree forums; they're hosted by Invisionfree.


If he got access, I'm not sure if Invisionfree allows admins to download the database (thus password hashes). I doubt it.

Also, he got the 'all your base' meme wrong. He sounds like an idiot.

Hasn't he got anything better to do?
*shakes head* >_< Not at all...and he got in anyways, so it doesn't really matter if I post the link or not. http://z4.invisionfree.com/Pokemon_Paridise/index.php He changes the skin, replaces the banner, makes all the forums invisible but his new one, and then sits around to watch everyone flame him. It's like feeding a troll. >.> He's so starved for attention that he wastes his time breaking into forums, making elaborate stories up, and then sitting around to watch everyone flame him.

Tell this little Hailstorm guy to try and hack my forums (they are Invisionfree as well).

http://www.dotcomforum.org/

Oh, the domain is just a masking-name domain, the real board link is here:

http://z8.invisionfree.com/DotCom_Forum/index.php

Same board, different URLs, just in case Hailstorm complains that he can't hack boards with domains:rolleyes:

I want to see once and for all if this little skiddie has really found an exploit, or if he's just brute-forcing.

if he's bruteforcing,he has lots of time on his hands:cool:

Tell this little Hailstorm guy to try and hack my forums (they are Invisionfree as well).

http://www.dotcomforum.org/

Oh, the domain is just a masking-name domain, the real board link is here:

http://z8.invisionfree.com/DotCom_Forum/index.php

Same board, different URLs, just in case Hailstorm complains that he can't hack boards with domains:rolleyes:

I want to see once and for all if this little skiddie has really found an exploit, or if he's just brute-forcing.
Alright, can do. I'll do what I can, the most likely way to get him to try is to indirectly insult him and then brag that he can't hack it...XD

This might sound like rather odd, but why not convert everything and do a total data migration to say....Snitz forums? You could have your 15 or 20 deticated users sign up, keep on the same domain, except know he cannot use the InvisionFree exploit on Snitz, so I guess you'll see how dedicated your users are, because if what this kid's saying is true, you are a sitting duck. Good luck.

This might sound like rather odd, but why not convert everything and do a total data migration to say....Snitz forums? You could have your 15 or 20 deticated users sign up, keep on the same domain, except know he cannot use the InvisionFree exploit on Snitz, so I guess you'll see how dedicated your users are, because if what this kid's saying is true, you are a sitting duck. Good luck.

I don't think any of you should run away from these script kiddies, even if they pose a threat to your forums. I'm interested in what methods he's using; I suspect something very unskilled.

He's joking, there's no way he can upload a virus to anyone, and that first quote "all your base are belong to us" is from an old video game.

I would like to know how he's decrypting admin hashes, when nobody using Invisionfree has access to them, not even board admins. To do that, he'd have to have access to Invisionfree's root servers, and an idiot like him with that kind of power would've already screwed millions of boards.

I'm putting my money on guessing easy passwords.

Actually, you get the md5 hash by requesting a password change. At least I think that's how it works; it send me one when I did.