5punk /downloads & /uploads

[Hehulk]

Thanks awfully for reposting that. Bastard.

No problem at all. Mate .

[Wiggy]

I'm having trouble using uploads, it just always seems to time out on me. Anyone know why this might be happening?

[Woo Elephant Yeah]

What size file is it, and are you using IE or Firefox?

Can you test uploading a blank text document

[northwesten]

I have a load of Spreadsheet to upload for EVE players. I was woundering how do you up load?

[Dr. kitteny berk]

You don't any more (the upload function was removed due to having some unknown and evil hole in it)

Perhaps http://docs.google.com/ would be a good way to go (as it avoids the need for excel and uploading etc)

otherwise, rapidshare and such are easy

[Woo Elephant Yeah]

/uploads is back up, however the actual ability to upload anything isn't.

This means any dead links to stuff should be restored, but until I find a better more secure way of allowing you to upload/host files, the upload service will stay down.

I'll put the download button back later on, and have a fiddle with the header/footer, so if you notice any weirdness it might be me

[Dr. kitteny berk]

fucking hell.


did you bother to clear any crap out of there, or did you just restore it?

[eion]

fucking hell.


did you bother to clear any crap out of there, or did you just restore it?

THIS.

Seriously, please tell us it's the former.

[Dr. kitteny berk]

Just to make this clear

This means any dead links to stuff should be restored, Also there's quite a significant risk that whatever was used to hack 5punk is still there

Seriously wey. unless you have downloaded EVERY SINGLE FILE from /uploads and checked they're not evil. you're risking 5punk getting he-haxed.

Even then it won't be 100% safe, but what you've just done is Really concerning.

[FatherJack]

This one in particular looks a bit dodgy:
http://www.5punk.co.uk/uploads/Thomas_E ... ummary.jpg

[Hehulk]

what you've just done is Really concerning.

[Woo Elephant Yeah]

Do you seriously think someone with OCD tendancies like myself would resist the chance to look through every single folder and file before putting them back online

Seriously guys, you need to give me a bit more credit

[Dr. kitteny berk]

Have you actually *looked* at every single file, checking every image is really an image, and the word docs etc are word docs.

or have you just had a poke at something that might look iffy?

as much as i'd like to give you more credit, I don't think anyone can afford to assume/hope you've done the job right. these things have to be checked on.

[Woo Elephant Yeah]

I have downloaded the entire folder, virus checked it, previewed every single image, and opened all the documents.

I have also identified the 3 files used to hack into the site and gain shell access and have been spending considerable time here at work googling for information on how it works.

Several entries on the net also suggest that there are only 3 files needed, which also helps back up my thinking that everything is okay.

[Dr. kitteny berk]

Thankyou.

This is what we need to hear (and what you should've actually told us )

[Woo Elephant Yeah]

Thankyou.

This is what we need to hear (and what you should've actually told us )

But then we wouldn't of had the OMG PANICS!!!!! replies that I have found so amusing

[Grimmie]

See, sometimes we need our 5punky dad to fix this kind of thing.

[mrbobbins]

Berk: Assuming everyone else is an idiot since 1914

[spoodie]

From what I've seen I don't think our attacker was too clever, otherwise they might have done something better than just deleting the site. But then it could all be a ruse.

[FatherJack]

From what I've seen I don't think our attacker was too clever, otherwise they might have done something better than just deleting the site. But then it could all be a ruse.

They deleted everything to disguise the fact that they'd stolen passwords, which they then tried on PayPal, so not utterly stupid.