• Print

Author Topic: Security exploit?  (Read 14 times)

0 Members and 1 Guest are viewing this topic.

Offline Megiddo

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 6214
  • Karma: 394
  • Project Lead
Security exploit?
« on: November 27, 2007, 05:37:14 pm »
Posting for spbogie to grab these logs. Pirate was running ULX 3.11 and had someone gain superadmin access.

Quote from: Pirate
Here they are.

Search for the following:

clown321
skater321
Shadwick

They are all the same kid, using 2 different IP's.

He was the only super admin besides Suicide Bomber, whom did not add him as a user.
Experiencing God's grace one day at a time.

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: Security exploit?
« Reply #1 on: November 28, 2007, 05:25:13 am »
Have the logs been modified?
The console log (and maybe ULX log) seems to have missing chatter around the same times the person adds himself, and then uses !menu later.
I've not had much time to look yet though.
"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming

Offline Megiddo

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 6214
  • Karma: 394
  • Project Lead
Re: Security exploit?
« Reply #2 on: November 28, 2007, 08:35:45 am »
He didn't say he modified them any...

I spent a long time googling his IP/nicks and came up with nothing as well. I did find various interesting tidbits relating to ULX though. :)
Experiencing God's grace one day at a time.

  • Print