IMPORTANT SECURITY INFO !!!

IMPORTANT SECURITY INFO !!!

IMPORTANT SECURITY INFO !!!

Thread started by wuky on Wednesday, 11:02pm May 17th with 10 replies. Views: 1,845

wuky

89 posts

11:02pm May 17th 17

CyberGamer security details have been leaked, I dont know when but i found a lot of data on one of paste bin link. I don't know did the admins knew about it or not but my advice is for all users to immediately change their login credentials.

Best regards
Kresimir

P.S. If any admin needs additional info pm me.

rukki

31 posts

11:24pm May 17th 17

?!

myss

1,427 posts

11:44pm May 17th 17

Send me link in inbox please.

wuky

89 posts

11:48pm May 17th 17

Done, when you read it just confirm it is true, since lot of users pm me and think that i troll them.

intrax_

521 posts

11:55pm May 17th 17


?!

Quote from rukki on the 17th of May 2017

Lepi //

442 posts

12:04am May 18th 17



?!

Quote from intrax_ on the 17th of May 2017

Quote from rukki on the 17th of May 2017

myss

1,427 posts

12:12am May 18th 17

INSERT INTO `users` (`UserId`, `UserName`, `Password`, `PasswordQuestion`, `PasswordAnswer`, `Email`, `IsApproved`, `IsLockedOut`, `IsLoggedIn`, `SessionId`, `CreateDate`, `LastLoginDate`, `LastLoginIP`, `LastPasswordChangeDate`, `LastActivityDate`, `LastLockoutDate`, `LastUnlockDate`, `Comment`, `DestinationUrl`, `ActivationKey`, `IsOwner`, `IsPremium`, `PremiumType`, `PremiumStartDate`, `PremiumEndDate`, `PremiumAmount`, `IsCancelled`, `CancelledDate`, `IsEndOfTerm`, `EndOfTermDate`, `IsPending`, `PendingDate`, `PremiumLevel`) VALUES
(114, 'drdrift', 'password1234', 'none', 'none', '[email protected]', 1, 0, 1, '1408211049', '2011-01-21 17:32:46', '2014-08-16 13:44:09', '141.101.92.234', '0000-00-00 00:00:00', '2014-08-16 13:44:09', '2014-02-22 18:27:12', '2014-02-22 18:28:12', '', 'default', 'd033e22ae348aeb5660fc2140aec35850c4da997', 1, 1, 'Gold Membership', '2014-02-15 00:00:00', '2015-02-28 00:00:00', 15.00, 0, '0000-00-00 00:00:00', 0, '0000-00-00 00:00:00', 0, '0000-00-00 00:00:00', 1),

Quote from pastebin

First I see things in there about Free and Gold Membership, the things that CG never had. User IDs don't match with CyberGamer ones. Table schema doesn't look like CyberGamer's, and it was definitely done by someone with little experience about web development (if you build a website like CG, its natural to assume you learned to not store passwords in plain text, create sessions table instead of single column, don't give so much focus only on Premium in a single table and on first place to create some code wrappers that will sanitize your SQL queries so dumps like these don't happen..)

I can confidently say this is not data from CG but will check it with owner just for safe side. If you don't believe me and still have doubt this is from CG, just check couple UserIds on that list by replacing them here: https://eu.cybergamer.com/profile/UserIdToCheck/

My guess is the dump is from some forum or league made by amateurs..

EDIT:
Its this one: http://www.bitange.com/forum/cup-'-eunet-hosting-summer-games-2014'/xgamer-important/

wuky

89 posts

12:16am May 18th 17


INSERT INTO `users` (`UserId`, `UserName`, `Password`, `PasswordQuestion`, `PasswordAnswer`, `Email`, `IsApproved`, `IsLockedOut`, `IsLoggedIn`, `SessionId`, `CreateDate`, `LastLoginDate`, `LastLoginIP`, `LastPasswordChangeDate`, `LastActivityDate`, `LastLockoutDate`, `LastUnlockDate`, `Comment`, `DestinationUrl`, `ActivationKey`, `IsOwner`, `IsPremium`, `PremiumType`, `PremiumStartDate`, `PremiumEndDate`, `PremiumAmount`, `IsCancelled`, `CancelledDate`, `IsEndOfTerm`, `EndOfTermDate`, `IsPending`, `PendingDate`, `PremiumLevel`) VALUES
(114, 'drdrift', 'password1234', 'none', 'none', '[email protected]', 1, 0, 1, '1408211049', '2011-01-21 17:32:46', '2014-08-16 13:44:09', '141.101.92.234', '0000-00-00 00:00:00', '2014-08-16 13:44:09', '2014-02-22 18:27:12', '2014-02-22 18:28:12', '', 'default', 'd033e22ae348aeb5660fc2140aec35850c4da997', 1, 1, 'Gold Membership', '2014-02-15 00:00:00', '2015-02-28 00:00:00', 15.00, 0, '0000-00-00 00:00:00', 0, '0000-00-00 00:00:00', 0, '0000-00-00 00:00:00', 1),

Quote from myss on the 18th of May 2017

First I see things in there about Free and Gold Membership, the things that CG never had. User IDs don't match with CyberGamer ones. Table schema doesn't look like CyberGamer's, and it was definitely done by someone with little experience about web development (if you build a website like CG, its natural to assume you learned to not store passwords in plain text, create sessions table instead of single column, don't give so much focus only on Premium in a single table and on first place to create some code wrappers that will sanitize your SQL queries so dumps like these don't happen..)

I can confidently say this is not data from CG but will check it with owner just for safe side. If you don't believe me and still have doubt this is from CG, just check couple UserIds on that list by replacing them here: https://eu.cybergamer.com/profile/UserIdToCheck/

My guess is the dump is from some forum or league made by amateurs..

EDIT:
Its this one: http://www.bitange.com/forum/cup-'-eunet-hosting-summer-games-2014'/xgamer-important/

Quote from pastebin


Kinda hope so, but few users i have contacted say's that info on page is the same with the ones i gave them.

myss

1,427 posts

12:22am May 18th 17

Well yeah, we can't prevent people from having the same password on CG and the website that this was leaked from. If they weren't aware of the dump, they probably didn't change their passwords on CG (or anywhere else) and hence the match..

Lepi //

442 posts

12:27pm May 18th 17

Why is chat off ?

head

1,211 posts

4:17pm May 18th 17

Chat should be fixed.

Windows: ctrl + F5
Mac/Apple: Apple + R of command + R
Linux: F5