TFF listed as attack site (yet again!) in firefox

[Merlin]

I don't remember if I got the most updated vB licensce info, but I can upgrade the forums to the latest update, etc once I do... which would include nuking all the files. That is unless you want to go ahead and do that now, since I won't have time to do it until Saturday.

And yes, I deleted all traces of vB exploits I found. I have backups of what they did on my computer. What they were doing didn't actually work, from what I could see, but even attempting it is good enough in my book to ban your ass.

[Fuzz]

I'll e-mail you the updated VB info. I did update the forums earlier today to 3.7.3 Patch Level 1, which is the latest version. THANK YOU for handling the vb exploits and doing what you gotta do You the man.

Oh and good news, I think this is all resolved, apparently that Javascript file with the URL injection was the culprit. Here is the latest message from Google (about 2 hours ago)

"Status of the latest badware review for this site: A review for this site has finished. The site was found clean. The badware warnings from web search are being removed. Please note that it can take some time for this change to propagate."

YAY!

I am currently working on securing the server even more to ensure this type of thing will not happen again... wow, how annoying... Again thanks.

[Kaiser Dragoon]

Ehh, just a little FYI, you should update the rules and regulations if you're gonna ban people for something. *nods* I did I search in the Rules and Regulations and the word "javascript" is nowhere to be found.

Now, I only did a "CTRL+F" and typed in Java (I didn't need to type anything else, because it told me it didn't even find that), so, it may be worded different and all. Either way, not to be a prick, which it may seem like I am doing, just saying, it should probably be added so someone doesn't add script they think might be harmless and get banned for it.

~Kaiser Dragoon

[Merlin]

Ignorance, ie: "I didn't know the gun was loaded", is not an excuse. You are responsible for what you put in your profile. It goes without saying that anything that interferes with the functionality/behavior of the site/forums is considered hacking and will be dealt with appropriately. Also, the discussion of, linking to, or actual use of hacking on the forums used to be a rule. It was modified outside of my control, but Site Security trumps those rules anyways.

Keep in mind, upon registering you sign a waiver stating that the staff can enforce standards whether they are listed or not. If you have any questions or concerns on a particular banning or decision or are unsure whether the code in your signature is acceptable, please address them to the staff through the Private Message system, not in a topic.

[LocoColt04]

We need to get rid of AdSense. I just pulled seven trojans off of my laptop; first infection I've ever had since I got this laptop nearly three years ago. I only visit a very limited number of websites, and this is the only one that's having security issues.

They showed up on boot and were killed immediately.

[Fuzz]

Not Adsense this time. a mySQL injection on the forum index. The main site is fine... just the forums this time. I searched the DB and found an 'unescape' javascript with a hidden google-analytize URL on there with a link to malware.

I have updated the security patches and this should resolve the issue yet again

Sorry for the trouble guys, i mean it... I HATE when this happens.

[IRANianCha0s]

This is so lol...



Google: Here you go, use some of our proprietary Adsense advertisements to make money towards hosting your site!

TFF: HOKAY! (uses Adsense)

Google: OMFG The Final Fantasy: Exclusive Final Fantasy Coverage and Community IS NOW A REPORTED ATTACK SITE!!! NO ONE GO THERE LOL

TFF: :'(

IRANianCha0s:

[Merlin]

Is MySQL and Apache up-to-date, or is that what you are refering to? O.o

Also, why the hell is vB so vunerable to XSS all of a sudden... they are supposed to be filtering everything for that shit.

The only other thing I can think of is because you have the site and forums interconnected in a mishmash fashion, so someone is hijacking the DB through the site somehow. The DB has been steadily getting more and more buildup over the years from old hacks, whatever... plus all the crap running now. Last ditch effort might be to back-up the "useful" parts of the db, ie: only the fields that are used by vB 3.7.3 standard, and nuke the whole damned thing, DB, directory, everything. Reinstall everything from the ground up and only add the features we actually need. It'd be a big mess and the forums would be down a few days, but it might be worth looking into. I'd work on it, but I have no clue how to access the DB atm.