Clubhabbo is haxxed

Black_Apalachi · 15-01-2008, 10:31 PM

Anyway apart from the news, did any other part of the site get affected?

Btw, slightly off topic, but when Ryan mentioned HFFM it reminded me. Do HFFM an ClubHabbo have the same owners/management? I know Ryan is CH owner but is there anyone else who runs both? I'm only asking because they both seem really similar.

benno123 · 15-01-2008, 11:50 PM

an australian based site called wearelegion is hacking all of the official fansites cutenews.
every official australian fansite has been hacked and they're starting to hack international sites.
just a piece of advice if you'd like the news that they delete. do a backup.
there's that cutenews exploit that lets them in. they don't need a password or anything, just one of the users account names.

beau03 · 16-01-2008, 02:52 AM

Originally Posted by Robald

Anyway apart from the news, did any other part of the site get affected?

Btw, slightly off topic, but when Ryan mentioned HFFM it reminded me. Do HFFM an ClubHabbo have the same owners/management? I know Ryan is CH owner but is there anyone else who runs both? I'm only asking because they both seem really similar.

I noticed too but I don't think Ryan and Carnio get along to well!

siz · 16-01-2008, 03:53 AM

Im in a krew that haxxed habbox and runescape...

Its no big..

~~Sabbath~~ · 16-01-2008, 03:59 AM

Originally Posted by siz

Im in a krew that haxxed habbox and runescape...

Its no big..

OMG SIZROCKS GANG GONNA PWN YOU!

~~Pyroka~~ · 16-01-2008, 11:20 AM

Originally Posted by Sabbath

OMG SIZROCKS GANG GONNA PWN YOU!

LOLIRL! Well that's interesting! Why not just put the cutenews on a seperate DNS to the website, and iFrame it? I guess the impact shouldn't be as bad then if they were to hack it unlike how it is most of the time. I guess that's a makeshift way of fixing it.

Hitman · 16-01-2008, 11:25 AM

Originally Posted by Pyroka

LOLIRL! Well that's interesting! Why not just put the cutenews on a seperate DNS to the website, and iFrame it? I guess the impact shouldn't be as bad then if they were to hack it unlike how it is most of the time. I guess that's a makeshift way of fixing it.

Good idea but people would still be able to find where it's hosted.

I'd suggest another news script.

~~Pyroka~~ · 16-01-2008, 11:36 AM

Originally Posted by Hitman

Good idea but people would still be able to find where it's hosted.

I'd suggest another news script.

Obviously they would? All they'd have to do is look into the source code, however the consequences wouldn't be so severe.

Hitman · 16-01-2008, 12:00 PM

Originally Posted by Pyroka

Obviously they would? All they'd have to do is look into the source code, however the consequences wouldn't be so severe.

Well, from what I know (not much haha) they could get into cutenews and delete, add, edit news etc... redirect the page and all that. So if it's still being shown on the page from the other server and it got 'hacked' then it could be redirected, deleted etc... on the main site.

~~Pyroka~~ · 16-01-2008, 12:09 PM

Originally Posted by Hitman

Well, from what I know (not much haha) they could get into cutenews and delete, add, edit news etc... redirect the page and all that. So if it's still being shown on the page from the other server and it got 'hacked' then it could be redirected, deleted etc... on the main site.

Regular backups combat the deletion & edition. As for addition, just a recovery account would be ok, somewhere placed on the cutenews as an invisible user, even to administrators (I'm sure it could be done). Redirecting the page which is in an iFrame? Oh the pain of it all. iFrames can be easily closed too, so if there was a problem all they need to do is redirect it to a maintenance page. It's not as hard as it sounds, it's just a little bit of precaution.

Thread: Clubhabbo is haxxed

Thread Tools

Posting Permissions