BPIP problems

[Vod]

Some bozo has decided to attack my "unofficially announced" website - BPIP.  :/

Because the site was a hobby I did not prioritize backups.

I lost all current profile information in my MSSQL database.     

I'm using this as an opportunity - since I started this as a hobby the database is a mess.  Great time to organize and make things better. 

Sorry to everyone that used the site - but it will be down/incomplete for at least 22 days.  :/

[1715036626]

1715036626

[unabomber]

Aww man that sucks it'll take 22 days to get it back up. Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's. Or maybe the hosting company has a backup of the database?

[pugman]

Some bozo has decided to attack my "unofficially announced" website - BPIP.  :/

You sure its some bozo,and not someone who *hates* you? Because you know,you're Vod,people hate you for who you arei.e. fight scammers.
Hope your site comes up real soon. Good luck,

[Vod]

You sure its some bozo,and not someone who *hates* you?

Aren't they the same thing?  

Aww man that sucks it'll take 22 days to get it back up.

Yep - that's the time it takes to scan 2,000,000 records at one record per 1.5 seconds.

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

[coupable]

It doesn't take so much time to backup a website and its sql database. For the same case last year, the task was not that hard. I found this article (french) so helpful.

[jackg]

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

[Vod]

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

Sure, I can make changes to my parser to allow multi-user.  Just PM me the user name and password once Theymos approves you.

Currently I have it running on an Amazon Windows instance.  Costs me around $2/month.

[jackg]

Is there anyway other users can help? perhaps trusted forum mebers could scrape portions of the data on your behalf using their IP's.

They would need to clear it with Theymos first and get a special code to bypass the captcha.

Can I be of any help here Vod? Is it just a bot that can be run to gather the data for you - if I get a code from Theymos and use an account to gather the information (with your self-made code that scrapes the data).

Sure, I can make changes to my parser to allow multi-user.  Just PM me the user name and password once Theymos approves you.

Currently I have it running on an Amazon Windows instance.  Costs me around $2/month.

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

[Vod]

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time.
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.

[Welsh]

That sucks. Used this for checking accounts that I reported. I guess the only saving grace is not that much damage has been done and it came relatively early in the development otherwise it would of taken more than 22 days. Plus, I don't think you'll be overlooking backups anymore.

Any idea how they gained access?

[jackg]

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time.
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.

OK, I got a code from theymos to bypass the captcha for an alt.

I'll take a look into that Amazon one, is it ec2 you were using and is there a way to track your usage as you go, so I don't get extensive bills at the end of the 12 days?

[BTCforJoe]

How long will it take to run initially to rebuild the database to the point where your aws instance can take over?
If it's only about 12-240 hours I can run it on my normal computer, if not, I'll purchase a vps from somewhere.

For the amount of time it would take me to reprogram the tool, I would want you to run it all the time.
It would take both of us 11-12 days.

Look into Amazon - they offer a free VPS with many OS for free - you just pay for usage over the free amount.
With my parsing tool running 24/7 it cost me about $3 last month.

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

[condoras]

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting.  

[TryNinja]

Hey Vod,

Looks like I found out what vulnerability the hacker used to access your db. I just tested it and managed to change every user's name to TryNinjaIs1337 (sorry about that).

I will PM you with more info.

[Vod]

Any idea how they gained access?

Yes, I was lazy when I wrote the code for my search page.  I allowed SQL injection.  
Thx to TryNinja for confirming it too.

My host said they have a backup, so I should be restored by Monday.  

[Vod]

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting.  

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH

Looks like all the hacker did was boost interest in the project! 

[condoras]

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting.  

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH

Ok, sounds good.
https://live.blockcypher.com/btc/tx/2ebf6c88b0c6ac3715c44cb766e69ea4ead9cc1368764dc5c52dab04aaeed501/

Looks like all the hacker did was boost interest in the project! 

Indeed he make a great impact! 

[Vod]

https://live.blockcypher.com/btc/tx/2ebf6c88b0c6ac3715c44cb766e69ea4ead9cc1368764dc5c52dab04aaeed501/

The project thanks you!   I've added that link to my signature.  

What I will use the coin for:
1) Design
2) Domain Name

It's my goal to have this project pay for itself through advertising and donations, but for now, I am paying for most everything necessary.

[condoras]

I'm more than sure that you will use the BTC in a proper way for the benefit of the project.

Until you put the project in the right track (self-sustaining), expenses will burden your pocket. I'm glad that i helped you (and the project) this time.
If you need though any further help with this (at any point), just let me know. It will be a pleasure to assist again.

[BTCforJoe]

I could throw down a couple bucks for this project. Just tell me which address to send it to, and how much will help you get the ball rollin'!

I think that the "Donation Address for Prayer Messages" (1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH) is still valid.
@Vod : Can you please confirm my thoughts about this Address? 0.005BTC is ready to be send for one year of renting.  

That address is valid, but I created a new address just for BPIP donations.  I'll also create a page when I list the donators.
13tdtWCiaaxY1Zo1C6aDpWUowU6eD4RtqH

Looks like all the hacker did was boost interest in the project!  

https://blockchain.info/tx/225849ea7b5afb9e3d089d68dc23b02dd755f7325ce40678be6000ffaaa96414

Here’s a tad bit more support for a great cause. Keep it up, and whoever the hacker was, make sure to thank them lol. I believe there is always good, even where there is bad. Good luck moving forward!