basically if you had a username with the same pw as your habbo on habbohut forums then best changhe it, just got this through from habbohut:



GG HabboHut,

Owned by the JpK crew.

- Forum has been mysql injected
- administration has been logged
- forum database has been downloaded

GG

[JpK];;


FOR THE LULZ. i dont think anyone goes on habbohut so like what the hell lol. AND IT IS NEWS CUZ... NOBODY KNEW


Edited by Catzsy [Forum Super Moderator]: Moved from Habbo News to Habbo in General as it not actual news about the hotel. Thanks.

habbohut was big like 4 years ago its not as big as it used to be i didnt even know it had a forum

Yeah the forums pretty dead beat anyway, but its a damn shame.

didnt even know it was still open, lol.

yeah thought they closed last year lol?

hackers r so cool these days

habbohut is open? lmao

oh well everyone on there was obnoxious anyway

Oh bless their cotton socks.


- Forum has been mysql injected
- administration has been logged
- forum database has been downloaded

vBulletin has no exploit in which you can MySQL inject, unless HabboHut have coded some rubbish. system which went vulnerable. Administration has been logged? The only way you can keylog through a website, is keylog the login box - which would mean, it's not the Administration being logged, it's the whole of the website's login? Forum Database, whoop de doop. They can do nothing with the database, due to the fact all your passwords are encrypted and they seem too nooby to decrypt passwords. :eusa_danc

My guess is, they somehow got access to the website (maybe an exploit on the actual fansite, not the forum) or something, uploaded a shell and kept it there. Went on the shell, got the configuration details, entered the MySQL password, made their user administrator and 'hack' the Forums. JpK? They're not hackers. SIMPLE.
Exploiting is not the same as hacking, idiots.

Oh bless their cotton socks.



vBulletin has no exploit in which you can MySQL inject, unless HabboHut have coded some rubbish. system which went vulnerable. Administration has been logged? The only way you can keylog through a website, is keylog the login box - which would mean, it's not the Administration being logged, it's the whole of the website's login? Forum Database, whoop de doop. They can do nothing with the database, due to the fact all your passwords are encrypted and they seem too nooby to decrypt passwords. :eusa_danc

My guess is, they somehow got access to the website (maybe an exploit on the actual fansite, not the forum) or something, uploaded a shell and kept it there. Went on the shell, got the configuration details, entered the MySQL password, made their user administrator and 'hack' the Forums. JpK? They're not hackers. SIMPLE.
Exploiting is not the same as hacking, idiots.

Hacking is a loose term for many things today, including social engineering which is how access to the site was obtained.

Hacking is a loose term for many things today, including social engineering which is how access to the site was obtained.

Lol. Are the Management that stupid to be fooled by Social Engineering?