Results 1 to 6 of 6

Thread: Did the forum got hacked?

  1. #1
    Onion Kid
    Join Date
    Sep 2019
    Posts
    5

    Did the forum got hacked?

    I was researching online when i found that the FFShrine.org forum database is available for download.

    What happen? A recent vuln?

  2. #2
    Survived the 『Hunt』, but not the Lady. Leon Scott Kennedy's Avatar
    Join Date
    Nov 2007
    Location
    Italy
    Posts
    4,984
    To answer the question in the title: yeah, this place got attacked plenty of times. That database leak isn't too recent, though.
    Strategy guides | N: “He was having his favourite dish.”
    “May the good blood guide your way.”

  3. #3
    Grand Shriner
    Join Date
    Apr 2010
    Posts
    2,140
    good for unique email + pass, as formus hacked more than once.
    Pixar Cast and Crew CD Thread - http://forums.ffshrine.org/f92/pixar...-thread-80014/

    wish-
    august rush score (flac)

  4. #4
    Onion Kid
    Join Date
    Sep 2019
    Posts
    5
    Quote Originally Posted by Leon Scott Kennedy View Post
    To answer the question in the title: yeah, this place got attacked plenty of times. That database leak isn't too recent, though.
    The most notorious hack happen in September 2015. Approximately 620k records were released containing email addresses, IP addresses and salted hashes of passwords.

    ---------- Post added at 02:09 PM ---------- Previous post was at 02:07 PM ----------

    Quote Originally Posted by Zeratul13 View Post
    good for unique email + pass, as formus hacked more than once.
    Are you saying to build a wordlist or email combo with the info available in this database?

  5. #5
    Grand Shriner
    Join Date
    Apr 2010
    Posts
    2,140
    Quote Originally Posted by privateloader View Post
    Are you saying to build a wordlist or email combo with the info available in this database?
    No, saying use ideal unique email + pass for shrine account, because may leaking again

  6. #6
    Onion Kid
    Join Date
    Sep 2019
    Posts
    5
    Quote Originally Posted by Zeratul13 View Post
    No, saying use ideal unique email + pass for shrine account, because may leaking again
    The most common usage of leaked databases is to build credential stuffing combos or one time attack. The most common problem is users registering in the forum using a password that they can remember and this same password is used on other services. Once a attacker obtain the password he/she can try to login on other services using this password combo.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •