Can't login into the Wiki
Can't login into the Wiki
anyone else has problems? The login page displays garbage
http://www.freebasic.net/wiki/wikka.php ... erSettings
it won't even let my type any name or pwd ...
http://www.freebasic.net/wiki/wikka.php ... erSettings
it won't even let my type any name or pwd ...
Re: Can't login into the Wiki
Yes, IMHO it is since the recent change:DOS386 wrote:anyone else has problems? The login page displays garbage
http://www.freebasic.net/wiki/wikka.php ... erSettings
it won't even let my type any name or pwd ...
Fri, 28 Oct 2011:
(04:49 CDT) [history] - UserSettings ⇒ DrV
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Trying to call up the old UserSettings page from history doesn't seem to work either.
I don't know much PHP but I speculate that it's an attempt to make the server run some PHP, and/or it's trying to steal passwords. It probably wouldn't hurt to change your password if you've tried logging in recently.
At the bottom of the code seems to be an iframe pointing to what Firefox calls a "reported attack page".
I don't know much PHP but I speculate that it's an attempt to make the server run some PHP, and/or it's trying to steal passwords. It probably wouldn't hurt to change your password if you've tried logging in recently.
At the bottom of the code seems to be an iframe pointing to what Firefox calls a "reported attack page".
- But how change my password when the wiki login page displays garbage?counting_pine wrote:It probably wouldn't hurt to change your password if you've tried logging in recently.
(If I call 'Page History', I find at the button of the big page two duplicated login-fields (one in deletions section and other in oldest version section), but obviously the login attempt fails for both login-fields.)
It seems that the login-fields have been deleted!
Besides, I do not understand your proposal.
- Same behavior with Windows explorer which does not know any login-name and password!
(I use it very very rarely, because it is very old!)
- My last successful login:
Sat, 22 Oct 2011:
(15:10 CDT) [history] - KeyPgCondCreate ⇒ FxMwikki [Suppression of the link to KeyPgCondCreate itself]
- Is there been an update of the server?
- And what about this recent change:
Fri, 28 Oct 2011:
(04:49 CDT) [history] - UserSettings ⇒ DrV
with the login-fields deletion.
Seems hacked with the use of some C99Shell script:
http://www.securelist.com/en/descriptions/old188613
Things like:
array("find all .htpasswd files", "find / -type f -name .htpasswd")
array("show opened ports", "netstat -an | grep -i listen")
should not be there. so does:
"Killing process #".$kill."... ok. he is dead, amen."
http://www.securelist.com/en/descriptions/old188613
Things like:
array("find all .htpasswd files", "find / -type f -name .htpasswd")
array("show opened ports", "netstat -an | grep -i listen")
should not be there. so does:
"Killing process #".$kill."... ok. he is dead, amen."
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Good question.fxm wrote:- But how change my password when the wiki login page displays garbage?
YMMV, but I think in my case I have an account that is shared between the forum and the wiki, so changing one should change the other.
Otherwise, I would recommend changing it as soon as the old login is restored.
But why change our password?counting_pine wrote:Good question.fxm wrote:- But how change my password when the wiki login page displays garbage?
YMMV, but I think in my case I have an account that is shared between the forum and the wiki, so changing one should change the other.
Otherwise, I would recommend changing it as soon as the old login is restored.
See below my previous remark:
Under Windows explorer, I think I am considered by wiki as a new user!fxm wrote:- Same behavior with Windows explorer which does not know any login-name and password!
(I use it very very rarely, because it is very old!)
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
I don't understand your previous remark, sorry. Do you mean Windows or Internet Explorer?
It doesn't matter whether any browser remembers your password. If the hacked page has captured your password when you keyed it, or the hacker has obtained the file where it's hashed, then it's possible that it might be more easily guessable.
It doesn't matter whether any browser remembers your password. If the hacked page has captured your password when you keyed it, or the hacker has obtained the file where it's hashed, then it's possible that it might be more easily guessable.
My last successful login:
Sat, 22 Oct 2011 (KeyPgCondCreate ⇒ FxMwikki [Suppression of the link to KeyPgCondCreate itself])
My first connection with this garbaged page:
about 30 Oct 2011
And what about this recent change:
Fri, 28 Oct 2011:
(04:49 CDT) [history] - UserSettings ⇒ DrV
with the login-fields deletion.
While the last post from DrV dated Aug 15, 2009:
http://www.freebasic.net/forum/viewtopi ... ht=#124007
Does some hacker has usurped his identity?
Sat, 22 Oct 2011 (KeyPgCondCreate ⇒ FxMwikki [Suppression of the link to KeyPgCondCreate itself])
My first connection with this garbaged page:
about 30 Oct 2011
And what about this recent change:
Fri, 28 Oct 2011:
(04:49 CDT) [history] - UserSettings ⇒ DrV
with the login-fields deletion.
While the last post from DrV dated Aug 15, 2009:
http://www.freebasic.net/forum/viewtopi ... ht=#124007
Does some hacker has usurped his identity?
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Heh ... some hacker abused DrV's account :-( ... but now it's fixed :-)DrV wrote:I didn't make the change, so I am not sure what happened. (counting_pine notified me that something was up, which is how I got here now.) I've changed my account password. Hopefully that will take care of the problem. If not, feel free to email me.