• Hacked?

    From bamageek@21:1/140 to All on Sun Feb 2 11:48:01 2020
    Ok Something strange happened here. I went to log in to the BBS and my user account got deleted! Looked back at the user manager and sure enough my
    account wasn't there. There were only 3 accounts and all of them looked to be bogus. I haven't found where anything else was messed up. Any idea how
    someone could have gotten into my user accounts other than logging in as me?

    --- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
    * Origin: Dave's BBS (21:1/140)
  • From StackFault@21:1/172 to bamageek on Sun Feb 2 12:55:01 2020
    Ok Something strange happened here. I went to log in to the BBS and my user account got deleted! Looked back at the user manager and sure
    enough my account wasn't there. There were only 3 accounts and all of
    them looked to be bogus. I haven't found where anything else was messed up. Any idea how someone could have gotten into my user accounts other than logging in as me?

    One other possible scenario, likely you've got hit by the 2020 bug and your user account got deleted as part of the time based user purge in your maintenance. This has happened to me (not as aggressive) in early Jan 2020
    when the bug was first reported.

    Unless you have upgraded to A44, you must disable everything related to
    purging based on days/date.

    Cheers!

    |15 ▀ ▐ |15StackFault |08<|03.|11.|15P|11h|03EN|11o|15M|11.|03.|08>
    |11 ▌ ▀ |11The Bottomless Abyss BBS
    |03 ▀ ▌▀ |03ssh|08.|072222 |08/ |03telnet|08.|072023 |08/ |03https
    |08 ▄■▐ |08bbs|07.|08bottomlessabyss|07.|08net

    --- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
    * Origin: The Bottomless Abyss BBS * bbs.bottomlessabyss.net (21:1/172)
  • From CyntaxX@21:4/113 to StackFault on Sun Feb 2 13:19:21 2020
    On 02 Feb 2020, StackFault said the following...

    One other possible scenario, likely you've got hit by the 2020 bug and your user account got deleted as part of the time based user purge in
    your maintenance. This has happened to me (not as aggressive) in early
    Jan 2020 when the bug was first reported.

    Good possibility but would that explain the 3 bogus accounts? Mind you, I
    often get ppl logging in from telnetbbsguide creating gibberish accounts.

    --- Mystic BBS v1.12 A44 2020/02/01 (Raspberry Pi/32)
    * Origin: Digital Wurmhole | digitalwurmhole.ddns.net:2323 (21:4/113)
  • From Vk3jed@21:1/109 to bamageek on Mon Feb 3 12:59:00 2020
    On 02-02-20 11:48, bamageek wrote to All <=-

    Ok Something strange happened here. I went to log in to the BBS and my user account got deleted! Looked back at the user manager and sure
    enough my account wasn't there. There were only 3 accounts and all of
    them looked to be bogus. I haven't found where anything else was
    messed up. Any idea how someone could have gotten into my user accounts other than logging in as me?

    --- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
    * Origin: Dave's BBS (21:1/140)

    Or did you happen to run userbase maintenance by date? There's a known year 2020 bug in mutil of A43.


    ... COFFEE.EXE Missing - Insert Cup, & Press A Key To Resume.
    === MultiMail/Win v0.51
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From Vk3jed@21:1/109 to CyntaxX on Mon Feb 3 13:00:00 2020
    On 02-02-20 13:19, CyntaxX wrote to StackFault <=-

    On 02 Feb 2020, StackFault said the following...

    One other possible scenario, likely you've got hit by the 2020 bug and your user account got deleted as part of the time based user purge in
    your maintenance. This has happened to me (not as aggressive) in early
    Jan 2020 when the bug was first reported.

    Good possibility but would that explain the 3 bogus accounts? Mind you,
    I often get ppl logging in from telnetbbsguide creating gibberish accounts.

    3 accounts were created at some stage...


    ... I predict that today will be remembered until tomorrow!
    === MultiMail/Win v0.51
    --- SBBSecho 3.10-Linux
    * Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (21:1/109)
  • From StackFault@21:1/172 to CyntaxX on Mon Feb 3 08:29:57 2020
    your maintenance. This has happened to me (not as aggressive) in earl Jan 2020 when the bug was first reported.

    Good possibility but would that explain the 3 bogus accounts? Mind you, I often get ppl logging in from telnetbbsguide creating gibberish accounts.

    Well, these 3 accounts may have been created after the maintenance script has run. Again, not enough data in the original post to come to a conclusion.

    Cheers!

    |15 ▀ ▐ |15StackFault |08<|03.|11.|15P|11h|03EN|11o|15M|11.|03.|08>
    |11 ▌ ▀ |11The Bottomless Abyss BBS
    |03 ▀ ▌▀ |03ssh|08.|072222 |08/ |03telnet|08.|072023 |08/ |03https
    |08 ▄■▐ |08bbs|07.|08bottomlessabyss|07.|08net

    --- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
    * Origin: The Bottomless Abyss BBS * bbs.bottomlessabyss.net (21:1/172)
  • From bamageek@21:1/140 to StackFault on Thu Feb 6 07:43:00 2020
    One other possible scenario, likely you've got hit by the 2020 bug and your user account got deleted as part of the time based user purge in
    your maintenance. This has happened to me (not as aggressive) in early
    Jan 2020 when the bug was first reported.

    Unless you have upgraded to A44, you must disable everything related to purging based on days/date.

    That may be what happened. I'm still on A43. I'll go ahead & work on that upgrade!

    --- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
    * Origin: Dave's BBS (21:1/140)
  • From bamageek@21:1/140 to CyntaxX on Thu Feb 6 07:44:23 2020
    Good possibility but would that explain the 3 bogus accounts? Mind you, I often get ppl logging in from telnetbbsguide creating gibberish accounts.

    Maybe the accounts got deleted with the purge and the bogus accounts came in afterwards. They were unvalidated accounts and occasionally I do get folks register with bogus information. Does seem conincidental that there would be three though usually I don't get more than one or two a month

    --- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
    * Origin: Dave's BBS (21:1/140)