After three years of running pretty uneventfully, this has been a pretty bad month for the website! First, wiredpakistan got banned by the PTA, then a few hours back today it got hacked!
Whoever it was, wiped out the entire database, and then… left. Didn’t even bother to say anything. It takes time to break into a forum… if a normal user or person did it I’m sure they would have left some sort of message or something - the fact that whoever did it just left it blank raises a red flag in my mind.
The current status: The last backup I had was too soon… by the time I found out, the ‘cracked’ version had been backed up - so at the moment I have no backup. My host is casting around for older backup as I type, and hopefully it exists. It doesn’t exist!
Best case scenario: A few days posts will be lost. Worst case: A year’s worth.. I didn’t keep too many backups.
There is no backup. I’m creating a new forum for the time being. I don’t know how that will work though, with years of posts all dissolved into the ether. It’s almost like they were killed. Heck, it’s exactly like they were killed.
I’ve uploaded the raw access logs for this month. Perhaps someone might be able to track who killed the forums.
i think i have an idea who did this bloody attack…
well, all i can say is that a lot of people were benefiting from your forum and it was hurting some new so called broadband service providers… i hope you would got a clue…
This is bad. Its not the first time the site has been hacked or is it? I remember a few months back there was a guy who was hacking the site and leaving around stupid posts. The security on the site MUST be strengthened.
I hope it’s the “best case scenario”.
Have a good look at access logs after you’re done with restoring the database.
Which version of PunBB were you running on? There are a lot of bots exploiting forums here and there after finding them on search engines, nowadays. Only access logs can reveal the story.
Blocked - Unblocked - and now Cracked
Let’s see… how the tech-people get rid of this unique way of suppression.
http://tazakino.com/article.php/20080228132535996
Oh man!! I cant belive this :/ I wish tht it fixed sooon! i miss the forums, and i think this guy is right.. maybe the pta or any service provider did this shit..
sorry to hear that. i hope you will recover the database soon.my prayers are with u.
dude you can still use ur latest backup of database… just use it with 1.2.17 or 1.3(if it works)…basically the attacker cannot compromise files or data on the host directly.. the attacker registers on the forum and then uses the exploit to guess the Admin password and uses it to login as an admin.. so as far as i can tell ur data is still safe to restore just remove all admin and mod accounts and add em again..regards!
KO - if there is any way we can help you out, say the word.
The forum software as a version outdated - so thats why they hacker was able to get into it. Unfortunately, it deleted the entire db - and since I was busy with work, by the time I noticed my host had made the nightly backup - overwriting the good copy with the ‘hacked’ copy.
Hence there is no backup! The choice now seems to be go back to a ‘virgin’ install.
Sad and despicable act by some coward. I urge everyone to spread the word about this.
Khalid, once you have consulted the access logs, you could give the new Cyber Crime Laws which were recently implemented a try. This could prove to be a good opportunity to test them out.
My post on this whole event [and a guess at possible malicious elements who could have done this]:
http://www.asadasif.com/?itemid=127
KO - just get the access logs, lodge a complaint through police and put the newly implemented cyber crime laws to use.
I checked and found many exploits for PunBB that were in effect since last year. That’s why it’s very important to keep the software updated nowadays. All of us learn it the hard way *sigh*.
devnull, the software had different kind of vulnerabilities and exploits, like this one: http://securitydot.net/xpl/exploits/vulnerabilities/articles/1729/exploit.html
There is no way but to keep the software updated.
Some hosts clear out access logs daily, so be sure to get them before they are cleared out.
Yaar i am shocked to see this…..this is the only forum of Pakistan where we can discuss abt internet and other technologies….. i hope forum will b back again inshAllah
I’ve uploaded the access logs for this month here: http://www.wiredpakistan.com/downloads/logs.zip
If someone here knows how to parse them, go ahead!
Hi.
I am really sorry and sad to hear about all this. A very stupid and coward act by someone.
May I suggest to either Install a new version of the forums, or Install some other free forum software with better security (phpbb will be best in my opinion).
Coming to restoring forums, maybe your webhost keeps an offsite data backup too, or if you have root access to the server, try to recover the deleted data. If still no data can be retrieved, Google cache can be very helpful. I don’t know if it’ll help or not, but I am trying to get all the Google Cache data for the forums and download it on my server for you, so you can either ask the users to post the topic one by one according to that, or post/restore them by yourself.
May you get the backup restored somehow
Allah Hafiz.
I think we should try to find out who is responsible and then should take appropriate actions so that the responsible get some good care using cyber crime laws.
Yet another sad day for all us WP team and members.. I haven’t been a registered member for a long time, yet this website and its users had alot to offer in terms of tech information, exposing nakes realities of different ISPs etc
I feel sick to stomach while im typing this.. Just one request to KO, Asad, Sah and the rest of WP team.. Guys! we all are with you.. Whatever you’ve done for all of us by coming up with such a great website/forums is really worth a million thanks. Please upload the new forums soon
Keep up the good work, we’re all with you!
KO - the logs are of 28th. The forum was already hacked by the fourth entry. Can you post the logs from yesterday as well? That might help.
It’s very sad. All that information sharing.. gone..
Try these logs: http://www.wiredpakistan.com/downloads/logs.zip
This should be the whole months logs now.
InshAllah Wp is going to comeback and be better then ever,
Wierd that we were first banned, then now hacked.
Had the wierdest feeling when I opened the forums this afternoon.
If the script kiddie who cracked the site is reading: you are a pathetic loser and a coward. You and your company are the kind of ass kissers that has kept our country in the pits of backwardness. OH and I’m sure today you made your mom very proud for giving birth to the scum that you are.
KO, I’m really sorry man. Losing all the data and starting from scratch is unbearable, but we don’t have any other choice do we?
Just one suggestion: if you have to start from scratch, go with some other forum software. Maybe this time you should give VB a try. I’ve been running VB on a site of mine, and it’s really smooth.
Let me know if I can be of any help to you.
i wish we will se wired back soon
OUCH - this is bad news, whats up it seems there is a person out to get wiredpakistan.
I had no idea
really shocked
I am sure it must be hacked by WATEEN… because this forum was doing good job to unfold the worst service on earth of WATEEN.
Instead of correcting their service they hacked your forum. I am sad.
WATEEN SUCKS.
this is bad news… why would someone do this
AA,
Indeed a very sad incident, wish we could revive all the things and go back to where we were in good old days.
OMG…………….i didnt know it …who so ever did this is a bloody MF and i guess its some wateen or PTA guy
Boy this just burns me up. I would have to agree with Adnan and others about the likely culprit but we can’t really be sure whose to blame till the experts get done sifting through the logs. This has to be publicized by the wider press and made an example out of by the Internet Enforcers of this country to show they can do something.
As for the lost posts. Dont worry, it doesn’t matter how many times they try to delete us we’ll still write and make our voices heard. We shall prevail!
AoA,
This is very bad news.
@AdnanBhai
i agree with you..
@KO..
there is site who store/cache backups of almost all websites in cyberspace… callled “www.archive.org”.. i found the data of wiredpakistan.com uptodate till 10 Aug, 2007… now we/you can talk to the official of this site about retrieving the backup our site..
or
go to http://web.archive.org/web/20070707154736/wiredpakistan.com/forums/
and login as admin and check if you retrieve or backup something…
i hope you will gotit
@KO
I did a somewhat detailed analysis of the logs. Its here:
http://waqas.110mb.com/wiredpakistan/analysis.txt
Let me know what you think.
This freaking sucks, why’s someone messing with OUR forums?
man KO, you need to upgrade to something secure. This is one of my favourite places and i dont like everybody trying their hacking skills on this site.
Last night i couldn’t access the forums, i though you were updating it to the version about which you pointed out in some posts earlier. but it was some stupid hacker :-/
Good Luck with everything KO, we are with you in all this.
Oww man…
I didn’t realize until now that this forum was getting on somebody’s nerves… but who ever you are note this down … we will be coming back even more strongly.
I think better use of the effort would be to make sure lessons are learned and a new wiredpakistan.com emerges that is secure and robust.
As someone pointed out above, the “attacker” may have been some “zombie” in automatic mode. So it is pointless going after that, when the vulnerabilities exist on the board.
Then perhaps to setup some system that is able to bypass censoring being provided in a convenient place. Perhaps the first page of wiredpakistan.com - which can always be reached via proxy or google cache.
While you may have lost lot of forum information, you still have a level of goodwill and should be able to get back your membership (which is the real resource of the forum) and eventually some of the wound will be healed - and most likely new information will be added which will supplant the earlier.
So maybe focus on making a watertight forum that is very hard to hack - or even a forum where “where to place wiredpakistan.com and what forum software to use” is discussed or something.
I downloaded the logs and found out that the zipped log file contains an MS-DOS application!
Is it a virus/spyware or am I missing something?
Well,if the worst comes to worst,we can start again.This site is a new experiance for the exploited consumers in Pakistan,the show must go on…
Well I think the hack was intentional. I say this Announcement when I logged in during afternoon:
“This website is hacked. Update the PunBB Version KO!!! Discussion Here :)”
So someone with a grudge did it intentionally. What a waste!
Oopss….typo in previous comment. Read “I saw” instead of “I say”.
I see some positive side to it. The series of events during the past 2 months (blocking, unblocking and now hacking) suggest the posts/discussions on the forums were hurting someone really badly. And it’s good to know that!
Whoever did this, must be really mistaken that doing this B.S. will stop the forum members from posting their opinions/criticism. In fact, I think the members should find a new spirit to become more active and honest in their comments/suggestions/criticism from now on.
I know it’s not uplifting for KO and other members to see the past three years of posts vanish all of a sudden, but I’m sure after a month or two we’ll find this place as good as it was before.
Let’s start building the place again, with new spirits!
Sorry to hear, there is no one else to be blamed but you.
Please upload the logs so that I can have a look. The zip file had some exe
Grow up kids. Welcome to the cyber world. This is not a unique event. Even Pentagon has been hacked at sometime or the other. So why all these amateurish oohs and aahs?
There are a lot of reasons for all things Pakistani to be hacked or cracked including some heads too. Is that so amazing?
WEll very bad
This should not happen
well whatever we ll start a new life
Looking at the bright side, whole lot of stuff to fill up on. Though it does suck big time.
very sorry to hear about the hack.
The most likely ones to be involved in this hack may be the “YATEEM” people. I suggest KO should make a wiki on this website so that the extract of the forums can be posted there.
In fact this is good for the website as it is getting free publicity.
Ah…a deplorable event. Its really sad that KO kept only a single backup. Anyways some data might be lost but the brains that created it are still here. i am hopeful it will be business as usual again very soon.
Just couldn’t believe this…this was the best ever Pakistani forum on the net for sure.
Its sad and amusing to hear that a destruction was done. It was part of Pakistan and whoever Pakistani has destroyed it, deserves to feel ashamed of himself/herself.
UBS: Update, backup, security. (Just made it up!)
it is really sad - i am missing it right now
hope it will be back online soon
I’m sad. Really sad. Please do share when you find out something about the hacker.
The Site got hacked but the question is that why enough updated back ups were not kept. This event simply highlights the importance of data back ups. As some one said that hacks these days are not rocket science and even school kiddies have been messing up some very secured sites, but in all such cases of hacks, the site data administrators do keep regular updated back ups and hacks dont make any much difference to them. In this case we see the whole data being wipped out along with user identities.
Needs better planning and administration for future. Best wishes with the bottom line that experience always comes with a price.
That is the reason why I don’t like simply deploying an open source solution.
haaah!!! Memories of techpakistan.com are flashing through my mind.
It is very unfortunate because the management ( @ leading ISP )holes were coming out in the open.
Won’t be surprized if the culprit is one who boasts being with the latest and greatest tech.
KO i have seldom used ur forum but even on those occasions i have found it to be very useful. I know nothing about tgeeky techie things but i must say that all things on internet are vulnerable as there are back doors to everything. All we can do is to be more careful next time. But this does not undermine the fact that the culprit should be found out and put to trial.
a coward attempt by some one.
well i suggest u to must have a backup and then backup of backup.!!
May be we can retrieve the archived site at archive.org as HardStone mentioned.
Another way is to try google’s cache , although its a bit cumbersome to manually pull out each posts. alternatively you can try to request google to send you cached data , i don’t know if they have such a policy.
I hope it will be back soon, InshaAllah.
@Obi Wan
the log file is actually a text file (i think the hosting was on unix platform ,and it made log file by name of the website), you can open it in any text editor or just add .txt at the end of filename.
Tragic - a sabotage. U should have created backup and taken all secured measures. But still, whosoever did it, had some reasons behind it and tried to lower down the open voice against all the critisized companies who’re not performing up to the level. But no worries-the website shall be running hopefully shortly.
Poll: what do u think wateen shaikh should fire the ceo(Tariq Malik) or not.
I m still not able to connect wiredpakistan.com directly since last 3 days.
Now i thought it may be blocked again so i used proxy, and i get to know wt happened with wiredpakistan.
Ha Ha its very funny. Better use vbulletin. 3.8.9
I saw the analysis at http://waqas.110mb.com/wiredpakistan/analysis.txt and it seems right. Please ensure that you at least take a differentials backup every day and a full back on weekend that will help you restore in case if any disaster be it hard drive failure or hack attempts.
Really a Shock
, i was just shocked when i saw the line that forum got hacked 
, pretty Sad han !! , , but don’t worry team WP , we are with ya , we will make it kickin’ again 
Simply pathetic & coward act by hacking such a informative site.Btw I realy like new design its awesome.
hey Admin,
i hope i can help you out in building a secure forum… if you like to have some sort of help, you can reply me back or can email me if you like!
Waiting for a possitive thingy from your side,,
just forget this PUNBB thingy,, its rubbish, let me sponsor a heavy BB script for this site, its really informative and people would like their information in secure hands,
See you soon @ wired Pk Forum,
Regards,
Shahzad Khan,
CyberXperts Technologies
I think PTA owners hacked this forum. as they hacked the Youtube site few days ago.. Government workers are stupid.. they are completely nonsense.
some kids are saying to report it to police under new cyber crime act but tokeep u informed your all log files has not even 1 trace which can be used as a proof of a crime and 2nd thing what is the surity that some information is geniune it can be a froged information just like a small example of fake ip addresses of proxied ip addresses.and 1 most importent thing cyber crime rule is a collections of blunders of copy pasters of govt ppl who have left a lot of holes in it.i would suggest that stop crying on this event and start from scratch and this time try to host your website on multiple servers like most companies do.otherwise always keep an incrimental data backup.a simple system admin can know how to secure data backup even if a new copy is scheduled every night you should have it automated on shared network device san or on any other computer even if you do not have backup tape of veritas.anyways damage has done so look for future.some one said that ptcl hacked youtube which is not true they just added a dns root entry on thier hongkong server pointing wrong ip address and because of address conflict it was out of sight.
my condolences..but the thing is that its a blessing in disguise.
first of all it’d bring maturity securitywise.
secondly,the community of WP is not going to stop contributing here.all those pages of wisdom will be flourishing back sooner than u know.all we need is a place to gather all our pak techi bros n we still have it here.all n all,i think its going to strentghen the WP community more than ever.any publicity is good publicity.
Salams to evry1
plus u shud try the “the wayback machine–archive.org” thing some1 suggested.it really does document a lot of the internet history
Sad to hear mate..
Our tracker just got hacked a few days ago aswell (along with 4-5 others), didnt erase anything but stole atleast 150 USD of donations from our users which i think is as bad. So i understand how u must be feeling.
But im really surprised u didnt have off-site backups, On forums like these i think its very important to do daily/weekly backups of the DB.
Anyway if you need any help just letme know
Cheers
NeM
if u really want most of ur data, u can copy from google cache…but khwari ka kaam hoga shayad
Better use the vbulletin.
Don’t break the continuity,the forum is a hit,you can start again,from scratch.Please do..
Ohoo..Bhool Jao pichla data bhai,start again..
Yar,yeh kawaya wateen nay hee hack in my opinion.The other day wateen’s sales manager had a smile on his face when i mention the hacking incident and he said “woh to purani story ho gai hey”.
Premature launch from wateen has lead to these cracks in wateen system and they thought its better the hack the site then to fix the holes in their system.I feel so…
Hi..
bad news…
it must be someone from pakistan.
the thing i dont understand is why paki fighting with each others.
recently a site raxor.org tried to hack blackpapers.info in return blakcpapers.info completely ruined raxor.org.
if those people have some skills then why not use against foreign sites.. y our own sites??????
test
http://www.dhost.info/hasan/modules/wfdownloads/viewcat.php?cid=3
its a big opportunity for you to switch the forum script to vbulletin or invision power board.
you are using a free script which is widely used and has many holes, somebody else would know before you have even upgraded and wipe out everything..