Discussion of movies and ReelThoughts topics

It is currently Mon Dec 22, 2014 4:03 am




Post new topic Reply to topic  [ 4 posts ] 
ReelViews HACKED! 
Author Message
Site Admin

Joined: Thu Jan 22, 2009 10:55 pm
Posts: 3204
Location: Mount Laurel, NJ, USA
Post ReelViews HACKED!
Yes, the site has been hacked, although not in such a way that anyone would notice. However, a significant number of html and php files had a large amount of commented code (nothing malicious) inserted. The files were apparently randomly targeted and the database was untouched.

The following steps were taken to remedy this situation:

(1) security access to the site (password) was changed. This should prevent future damage.
(2) All impacted files were identified and replaced by clean copies from my local archives. I believe I got everything.

I don't believe in coincidences and the fact that this happened after I spent the past week at a hotel is more than a little suspicious. We like to believe that hotel networks are secure but this, I believe, is a reminder.

At any rate, if anyone notices anything odd about the site, drop me a line and I'll check it out.


Thu Sep 17, 2009 11:39 pm
Profile WWW
Post Re: ReelViews HACKED!
Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?


Fri Sep 18, 2009 5:41 pm
Post Re: ReelViews HACKED!
ed_metal_head wrote:
Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?


pretty sure it's the latter


Fri Sep 18, 2009 7:30 pm
Site Admin

Joined: Thu Jan 22, 2009 10:55 pm
Posts: 3204
Location: Mount Laurel, NJ, USA
Post Re: ReelViews HACKED!
Patrick wrote:
ed_metal_head wrote:
Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?


pretty sure it's the latter


Yes - hundreds of lines of code all included within comment tags. My guess is that someone added the commented code with the intention of removing the comment tags at some point and thereby subverting the site.

The problem seems to have been nipped in the bud. No further evidence of tampering since the initial incident. I attribute the security hole as having something to do with the way I was accessing the site while I was in Toronto; password changes seem to have done the trick.


Thu Sep 24, 2009 5:21 pm
Profile WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by Vjacheslav Trushkin for Free Forum/DivisionCore.
Translated by Xaphos © 2007, 2008, 2009 phpBB.fr