Problem/Bug [!!!]Site Administrator Please Look here[!!!]

Discussion in 'General Help' started by TNTSquid, Jul 22, 2016.

Thread Status:
Not open for further replies.
  1. Offline

    TNTSquid

    Recently, when I wanted to update the permissions plugin, I discovered that Essentials Group Manager, Iconomy and Permissions EX were pwned by a guy called 3ch0s3c.

    I am quite worried about this issue, as it completely clogs up the development progress of my server, and I am afraid that other servers using those plugins will get pwned as well.

    These are the plugins that I discovered being pwned:
    http://dev.bukkit.org/bukkit-plugins/essentials/
    http://dev.bukkit.org/bukkit-plugins/iconomy/
    http://dev.bukkit.org/bukkit-plugins/permissionsex/


    If administrators see this post, please solve this problem, as it affects not only the authors, but all servers running on Bukkit and its forks.

    Thanks a lot
     
    mine-care likes this.
  2. Offline

    AlvinB

    @TNTSquid
    I wonder if this has anything to do with the passwords that were stolen here..
     
  3. Offline

    bwfcwalshy Retired Staff

    @TNTSquid Thank you for bringing this up, I have contacted Curse.

    @AlvinB All passwords were reset IIRC and BukkitDev is a separate account so the passwords might be different. It's likely they found an exploit in the system.
     
  4. Offline

    AlvinB

    @bwfcwalshy
    Oh, but I was thinking they might have had the same password over there.

    EDIT: iPad's being annoying.. Editing the post for me..
     
    Last edited: Jul 22, 2016
  5. Offline

    bwfcwalshy Retired Staff

    @AlvinB Likely but still probably an exploit in the site. Looking at their Twitter they seem to just find issues in the site and exploit it. I'm sure Curse will look into the security hole and fix it ASAP.
     
  6. Offline

    TNTSquid

    Because it seems they are not only hacking one user, but different plugins of different users... This is what concerns me most.
     
  7. Offline

    ZeldoKavira Administrator Curse

    Thanks for the report, I will be looking into how the projects were compromised. I would not expect an exploit in the site but a reused password. There have been a lot of password dumps all over the web lately, and that could be the culprit.


    Edit: It was just 3 accounts compromised, please don't use the same password for any sites! We are working on restoring the projects and we have reset the user accounts in question. Thanks again for the report.
     
    Last edited: Jul 22, 2016