Bitcoin Forum
October 23, 2018, 11:09:09 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: BPIP problems  (Read 416 times)
Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 14, 2018, 06:06:43 PM
 #1

Some bozo has decided to attack my "unofficially announced" website - BPIP.  :/

Because the site was a hobby I did not prioritize backups.

I lost all current profile information in my MSSQL database.  Sad   

I'm using this as an opportunity - since I started this as a hobby the database is a mess.  Great time to organize and make things better.  Smiley

Sorry to everyone that used the site - but it will be down/incomplete for at least 22 days.  :/









I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
1540292949
Hero Member
*
Offline Offline

Posts: 1540292949

View Profile Personal Message (Offline)

Ignore
1540292949
Reply with quote  #2

1540292949
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1540292949
Hero Member
*
Offline Offline

Posts: 1540292949

View Profile Personal Message (Offline)

Ignore
1540292949
Reply with quote  #2

1540292949
Report to moderator
1540292949
Hero Member
*
Offline Offline

Posts: 1540292949

View Profile Personal Message (Offline)

Ignore
1540292949
Reply with quote  #2

1540292949
Report to moderator
1540292949
Hero Member
*
Offline Offline

Posts: 1540292949

View Profile Personal Message (Offline)

Ignore
1540292949
Reply with quote  #2

1540292949
Report to moderator
unabomber
Newbie
*
Offline Offline

Activity: 19
Merit: 22


View Profile
April 14, 2018, 06:12:46 PM
Merited by Vod (1)
 #2

Aww man that sucks it'll take 22 days to get it back up. Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's. Or maybe the hosting company has a backup of the database?
pugman
Legendary
*
Offline Offline

Activity: 1260
Merit: 1300


Sliding in ya DM's be like


View Profile WWW
April 14, 2018, 06:23:30 PM
Merited by Vod (1)
 #3

Some bozo has decided to attack my "unofficially announced" website - BPIP.  :/
You sure its some bozo,and not someone who *hates* you? Undecided Because you know,you're Vod,people hate you for who you arei.e. fight scammers.
Hope your site comes up real soon. Good luck,

Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 14, 2018, 06:26:46 PM
 #4

You sure its some bozo,and not someone who *hates* you? Undecided

Aren't they the same thing?   Grin

Aww man that sucks it'll take 22 days to get it back up.

Yep - that's the time it takes to scan 2,000,000 records at one record per 1.5 seconds.

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
coupable
Sr. Member
****
Offline Offline

Activity: 574
Merit: 254



View Profile
April 14, 2018, 06:33:20 PM
 #5

It doesn't take so much time to backup a website and its sql database. For the same case last year, the task was not that hard. I found this article (french) so helpful.

██████
██
██
██
██
██
██
██
██

██
██

██
██████
.
///Augment Your Portfolio
██████
██
██
██
██
██
██
██
██

██
██

██
██████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
       ▄▄█████████▄▄
     ▄█▀▀▀       ▀▀▀█▄
   ▄▀                 ▀▄
  █       ▄▄▄▄▄▄▄       █
 █    ▄▀▀▀▄▄▄▄▄▄▄▀▀▀▄    █
▐▌  ▄▀▄▀▀▀       ▀▀▀▄▀▄  ▐▌
█  ▐▌█ ▐█▌       ▐█▌ █▐▌  █
▐▌ █▐▌ ███  ▄▄▄  ███ ▐▌█ ▐▌
▐█ ▐▌█  ▀    ▀    ▀  █▐▌ █▌
███ ▀▄▀▄▄▄       ▄▄▄▀▄▀ ███
██▀█▄ ▀▄▄▄▀▀▀▀▀▀▀▄▄▄▀ ▄█▀██
▀    ▀█▄▄▄▀▀▀▀▀▀▀▄▄▄█▀    ▀
       ▀▀█████████▀▀
Vivid

████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
████  ████
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬   WHITEPAPER  ● ● ●
FACEBOOK  TWITTER  DISCORD  REDDIT  TELEGRAM  BOUNTY
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬   ANN THREAD  ● ● ●
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1112


View Profile
April 14, 2018, 08:29:02 PM
 #6

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 14, 2018, 09:00:03 PM
 #7

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

Sure, I can make changes to my parser to allow multi-user.  Just PM me the user name and password once Theymos approves you.

Currently I have it running on an Amazon Windows instance.  Costs me around $2/month.

I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1112


View Profile
April 14, 2018, 10:37:38 PM
 #8

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

Sure, I can make changes to my parser to allow multi-user.  Just PM me the user name and password once Theymos approves you.

Currently I have it running on an Amazon Windows instance.  Costs me around $2/month.

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 15, 2018, 04:02:20 AM
 #9

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time. Smiley
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.


I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
Welsh
Staff
Legendary
*
Offline Offline

Activity: 1386
Merit: 1375


Away on expedition until 5th of Nov


View Profile
April 15, 2018, 11:14:42 AM
 #10

That sucks. Used this for checking accounts that I reported. I guess the only saving grace is not that much damage has been done and it came relatively early in the development otherwise it would of taken more than 22 days. Plus, I don't think you'll be overlooking backups anymore.

Any idea how they gained access?

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1112


View Profile
April 15, 2018, 11:41:16 AM
 #11

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time. Smiley
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.



OK, I got a code from theymos to bypass the captcha for an alt.

I'll take a look into that Amazon one, is it ec2 you were using and is there a way to track your usage as you go, so I don't get extensive bills at the end of the 12 days?

BTCforJoe
Hero Member
*****
Offline Offline

Activity: 882
Merit: 970



View Profile WWW
April 15, 2018, 11:42:45 AM
 #12

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time. Smiley
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.



I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

condoras
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 582


This is what i do. I drink and i know things.


View Profile
April 15, 2018, 01:26:17 PM
Merited by Vod (2)
 #13

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting. Cool 
TryNinja
Hero Member
*****
Offline Offline

Activity: 798
Merit: 780


ChipMixer's Badge of Honor


View Profile
April 15, 2018, 03:10:12 PM
Merited by Vod (10)
 #14

Hey Vod,

Looks like I found out what vulnerability the hacker used to access your db. I just tested it and managed to change every user's name to TryNinjaIs1337 (sorry about that).

I will PM you with more info.

Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 15, 2018, 04:35:02 PM
Merited by condoras (1)
 #15

Any idea how they gained access?

Yes, I was lazy when I wrote the code for my search page.  I allowed SQL injection.  
Thx to TryNinja for confirming it too.

My host said they have a backup, so I should be restored by Monday.  Smiley




I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 15, 2018, 04:36:47 PM
 #16

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting. Cool 

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH

Looks like all the hacker did was boost interest in the project!  Smiley

I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
condoras
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 582


This is what i do. I drink and i know things.


View Profile
April 15, 2018, 05:07:56 PM
 #17

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting. Cool 

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH
Ok, sounds good. Smiley
https://live.blockcypher.com/btc/tx/2ebf6c88b0c6ac3715c44cb766e69ea4ead9cc1368764dc5c52dab04aaeed501/

Looks like all the hacker did was boost interest in the project!  Smiley

Indeed he make a great impact!  Grin
Vod
Legendary
*
Offline Offline

Activity: 2534
Merit: 1766


Licking my boob since 1970


View Profile WWW
April 15, 2018, 05:32:45 PM
 #18


The project thanks you!   I've added that link to my signature.  Smiley

What I will use the coin for:
1) Design
2) Domain Name

It's my goal to have this project pay for itself through advertising and donations, but for now, I am paying for most everything necessary.


I'm into creating universes, smiting people, writing holy books and listening to Prayer Messages (PMs).
BitcoinTalk Public Information Project (BPIP)  - My Trust Removal Guidelines
"Masturbation makes you feel good but doesn't do anything for the person you're thinking of.  Just like prayer."
condoras
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 582


This is what i do. I drink and i know things.


View Profile
April 15, 2018, 11:22:05 PM
 #19

I'm more than sure that you will use the BTC in a proper way for the benefit of the project. Wink

Until you put the project in the right track (self-sustaining), expenses will burden your pocket. I'm glad that i helped you (and the project) this time.
If you need though any further help with this (at any point), just let me know. It will be a pleasure to assist again. Cool

BTCforJoe
Hero Member
*****
Offline Offline

Activity: 882
Merit: 970



View Profile WWW
April 15, 2018, 11:42:28 PM
 #20

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting. Cool  

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH

Looks like all the hacker did was boost interest in the project!  Smiley

https://blockchain.info/tx/225849ea7b5afb9e3d089d68dc23b02dd755f7325ce40678be6000ffaaa96414

Here’s a tad bit more support for a great cause. Keep it up, and whoever the hacker was, make sure to thank them lol. I believe there is always good, even where there is bad. Good luck moving forward!

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!