The p2p forum Slyck (http://www.slyck.com) has been hacked and all the posts and threads have been removed, while it appears that the member list is still intact. Here (http://www.tatom.org/images/Slyck-2005-03-07.gif) is a screenshot of what I observed at the site this morning. The folks there claimed the site got hacked and then they rehacked it to gain control. The new admins go by the name Smalls (DJcrazymonkey), Omega1, and Allied, and I observed that the first two joined the site March 6th. Don't believe what they write because they claim to have just innocently joined the same day and happened to notice it was hacked. See a screenshot of the post here (http://www.tatom.org/images/Slyck-Smalls-Omega1.gif). Until things are back to normal you have to consider that some of the people posting there such as the admins HouseCrowd, SlyckRay, or SlyckTom are not the real people.

I made the mistake of emailing one of the hackers to ask how the exploit was done. Ever since that time they have been probing various ports on my ip address.
I may have determined the identity of one of the hackers.
Anybody want to know more about this?

I made the mistake of emailing one of the hackers to ask how the exploit was done. Ever since that time they have been probing various ports on my ip address.
I may have determined the identity of one of the hackers.
Anybody want to know more about this?

shut up, you clown

shut up, you clown

apparently...not.
The identity I determined was of Psycho Ced.
I lost interest in learning more..it was a very juvenile thing to do and easily exploitable. An extra equal mark would have prevented the whole thing.

edit:

If you own a phpbb forum, just open this file:


includes/sessions.php
and search for this:


if( $sessiondata['autologinid'] == $auto_login_key )
and add one "=" so it becomes:


if( $sessiondata['autologinid'] === $auto_login_key )
Now save the changes to the file and the exploit is fixed.

Slyck is back online again working off of a backup that was made February 22nd.