Tagged: hack

Unhacked and Upgraded!

When I last updated GameLuv’s WordPress backend it was a harrowing ordeal involving several steps, numerous saved database files, and a reactivation process that never seemed to finish and clean up after itself. So once we got the site back to operational status I’m sure you can understand how I felt less than compelled to upgrade when another “upgrade now” notice popped up not a week later. I kept putting it off and look what happened! We got hacked!

I don’t understand it in the least but there was an exploit just recently discovered in older versions of WordPress (what we were using) that let unscrupulous types weasel their way into an admin account, insert some erroneous spam code and then try to back out without leaving a trace. I noticed the bad code right away but didn’t realize what it meant until yesterday at which point we managed to delete the BADmin accounts, upgrade the site and… promptly kill the database. Ooops! So I spent a few hours just now basically poking holes in PHP MyAdmin and miraculously got the site back up and operational! Horray for blind stinking luck!

Here’s where you guys come in. I’ve been meaning to update our comment system for a while and though I’d love to code my own proprietary system with all kinds of fancy whistles and bells, I’m perfectly happy using Disqus. The system is live on GameLuv right now and has folded in all your old comments but you’ll need to claim them for your icons or gravatars to show. Unfortunately, this does mean creating an account at Disqus but it is supported by a ton of sites around the web and it allows you to send your comments to Twitter and Facebook.

*Gee, that’d be a nice way of helping spread the word about GameLuv while at the same time sharing your insightful opinions with your friends and family!*

So if you’ve got a minute, find your last comment on the site, claim it, and we’ll all have happy colorful icons and a fancy new social media-y comment system to help us babble back and forth about games with! Welcome back to GameLuv!

Forensic Toolkit for Xbox 360 could unlock the Console

I’m not gonna dwell on this one too much but I think it’s kinda awesome that a “forensic toolkit” for the Xbox 360 may hold the key to hackers, modders, and homebrewers finally getting deep inside Microsoft’s console. And I quote!

A forensics toolkit for the Xbox gaming console is described by US researchers in the latest issue of the International Journal of Electronic Security and Digital Forensics. The toolkit could allow law enforcement agencies to scour the inbuilt hard disk of such devices and find illicit hidden materials easily. Computer scientist David Collins has probably spent more time messing around with the Microsoft XBox, other gaming consoles, and PDAs in the name of forensic science than anyone else. He is a digital forensics expert at Sam Houston State University, and is working hard to replicate “mods” – both hardware and software for the Xbox and other devices.

Criminals often hide illicit data on the XBox in the hope that a gaming console will not be seen as a likely evidence target especially when conventional personal computers are present in the same premises, for instance. The toolkit developed by Collins will allow police and other investigators the chance to lay bare the contents of XBox hard disks.

Collins’ XFT utility can mount an image of the FATX file system used by the XBox, allowing the user to explore in detail the directory structure. Collins points out that unlike the standard FAT32, NTFS, and similar systems used by the hard disks in personal computers, there is little documentation on the proprietary FATX system. However, it is possible nevertheless to acquire an image of a FATX hard disk and to mount it on another device.

Thanks to escience news and Xbox-Scene.