Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Obsidian

Something wrong with Realm667.

Recommended Posts

Tormentor667 said:

You must be the greatest idiot possible on this planet :D

Well they did say they were joking. :P

Anyways it's a good thing you managed to get the site back up.

Share this post


Link to post
Tormentor667 said:

You must be the greatest idiot possible on this planet :D

Anyway, we are back online!


Didn't you try to convince people you had an imp outside your window?

Share this post


Link to post

Aaaaaaand it's hacked again.


If you do visit, please make sure to TURN OFF JAVASCRIPT FIRST.

I found an iframe injection code in the shoutbox js.

Share this post


Link to post

I'm guessing the answer is no, but since I haven't been keeping up with this: Have you tried taking the forums offline (as in remove them from a public area on the server) and seeing if it's Joomla that's being hacked? Running Joomla 1.5 doesn't seem all that secure to me. (Apparently 1.5 is from before we learned publishing version numbers on the website is a really bad idea.)

Share this post


Link to post
Gez said:

Aaaaaaand it's hacked again.


If you do visit, please make sure to TURN OFF JAVASCRIPT FIRST.

I found an iframe injection code in the shoutbox js.

If I don't turn off Javascript, can it harm my pc/macbook/tablet (regardlessly)?

Share this post


Link to post

Maybe? I have no idea what range of OS will be affected by the malware it tries to make you download. And I don't especially care to find out.

Share this post


Link to post

dumb shit, i don't quite get the point in hacking a site dedicated to an old game...

Share this post


Link to post
Pirx said:

dumb shit, i don't quite get the point in hacking a site dedicated to an old game...


Actually, many of them doesn't really care what site it is.
They just hackin' and profit(?) from it, or just use it to hackin' more.

Share this post


Link to post
Pirx said:

dumb shit, i don't quite get the point in hacking a site dedicated to an old game...


Just hackin for fun. Good sites have fallen before, like Panel Monkey.

Share this post


Link to post

I think it's mostly done by bots anyway. When the same file contains the injected malware code 14 times redundantly, that's not the sign of a hand-made hack...

Share this post


Link to post
Gez said:

Aaaaaaand it's hacked again.


If you do visit, please make sure to TURN OFF JAVASCRIPT FIRST.

I found an iframe injection code in the shoutbox js.


Any update on this? I visited the site yesterday. Later, my comp started getting shuddery so I did a virus check, and I had one. It was simple enough to get rid of, but now I'm not sure if it was related to the site or other internet randomness. Is it safe to download DECORATE resources IF the Javascript is turned off? Any other experiences?

Is Realm667 the only DECORATE resource on the internet?

Share this post


Link to post

Downloading resources should be safe; I only found an injection on the forum (and it seems to be gone now, though I can't say if it's gone for good or not).

However, downloading stuff requires to be registered and logged in now. Apparently, Torm has had its bandwidth leeched and is trying to curtail that in this way.

Share this post


Link to post

I don't have Java, and I (stupidly) visited the site while hacked. All I saw was a picture of an inverted cross with the sentence "No rest for the living" below it. That means I did not get infected, right?

Share this post


Link to post
Hectic said:

I don't have Java, and I (stupidly) visited the site while hacked. All I saw was a picture of an inverted cross with the sentence "No rest for the living" below it. That means I did not get infected, right?

1. Java is not JavaScript. Totally different things. If you go here and hear some weird music, you have JavaScript.

2. The petrine cross thing was just a placeholder picture because Torm wanted something doomier than "the site is offline for repairs". Just to be clear, the site was safe to visit during that time (even if there was no reason to visit it).

Share this post


Link to post
Clonehunter said:

I think I just got a Trojan trying out the forums...

Did you run it? Or the computer did it? I hope not…

I understand that you primarily should browse the Internet with Java disabled, I believe that is insecure. Even if in this case JavaScript is cracked, it may lead to Java exploits in the iframe, correct? Or non-Java.

Share this post


Link to post
Gez said:

1. Java is not JavaScript. Totally different things. If you go here and hear some weird music, you have JavaScript.


Well, I thought they were at least related because the name. I have it then. Love Post Hell. Thanks Gez.

Share this post


Link to post
printz said:

Did you run it? Or the computer did it? I hope not…

I understand that you primarily should browse the Internet with Java disabled, I believe that is insecure. Even if in this case JavaScript is cracked, it may lead to Java exploits in the iframe, correct? Or non-Java.


I believe I had Java off, as it was working fine before and I remember going through the process of disabling it. I refreshed the forum page and it all went off by itself.

Share this post


Link to post
playerlin said:

Actually, many of them doesn't really care what site it is.
They just hackin' and profit(?) from it, or just use it to hackin' more.


look up if there is a guilty IP connection, find his ass and ask him to hack something that would get him on the news instead while he's at it.

Share this post


Link to post

The culprit is most likely a web-crawling bot that's exploiting vulnerabilities in Joomla, php or whatever in order to deliver its payload of popup advertising. It doesn't care whose site it is, though one with regular traffic is preferable to an online mausoleum.

Share this post


Link to post

Well, there goes my mapping for a good while, was looking to add a new weapon, but I only knew of it ever being hosted at 667 (y'know, like a lonnnng list of other great custom stuff that's there). Google didn't help me out either, so I guess I'm at kind of a loss for now.

Share this post


Link to post

Didn't spot any nasties when I visited the Realm a short time ago, unless I'm already blocking all of them. As has been said several times in this thread, you should be fine if you disable javascript in your browser and virus check all downloads - not that the Bestiary's content appears to have been touched by the malware, it's just a worthwhile precaution.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×