PDA

View Full Version : AVA 3.1.4 Released



Andy
07-19-2008, 05:26 PM
Hi everyone,

Many AVA sites were today hacked, but this update will fix this security problem.

You can find the usual downloads here: http://avscripts.net/downloads/index.php?action=showcatfiles&cat_id=2&cat_name=AV%20Arcade

What happened? Carelessness. An old file was left in the zip of AV Arcade installs which allowed the hackers to access the admin and make modifications. This update replaces that file with an empty one.

If your site was hacked, follow these steps to get your site back: http://www.forum.avscripts.net/showpost.php?p=8591&postcount=19

Thanks for the support everyone.

Andy

extra pc
07-19-2008, 05:37 PM
thanx but what the file i replace ? or install all script again?

Andy
07-19-2008, 05:44 PM
Download the update which applies to you, the instructions tell you what files need to be uploaded.

extra pc
07-19-2008, 06:00 PM
done

thanx andy plz visite my post

http://www.forum.avscripts.net/showthread.php?p=8592#post8592

MudGuts
07-20-2008, 01:00 AM
Thanks Andy.

All updated.

Was also a reminder to myself to back up my sites again.

nowares
07-20-2008, 07:20 PM
thanks for the update.... the 'hacker' was really doesn't have a clue, some script kiddie that found a sploit posted somewhere.

He has profiles all over the place asking dumb questions.
http://forum.mininova.org/index.php?showuser=1096

I bet he just found a hackers site and is going thro some tutorials or something.

Maybe people should try rewording the "Powered by AV Arcade v3." text in the global footer... remember it's againts TOS to remove it, so just changing it a little should stop it being Dorked ;)

zupergames
07-20-2008, 09:38 PM
If you want to see details on how to recover your full database information go to removed

MudGuts
07-21-2008, 08:08 AM
thanks for the update.... the 'hacker' was really doesn't have a clue, some script kiddie that found a sploit posted somewhere.


Hi nowares.

Have looked arounsd for the exploit post but have not been successful so far.

There seems to be 2 distinct exploits being used.

One is a sql injection, which 3.1.4 update will plug, while the other is a code attack.

I am thinking that without any further proof, the code exploit may be caused by someones file permissions being too loose. Not sure.

zupergames
07-21-2008, 07:00 PM
MudGuts, why did you removed the link? I was only trying to help. When my sites got hacked, I've updated to the new version(as written here in the forum), but there were still some problems left. I just wrote how to solve those. So why did you deleted the link??

MudGuts
07-22-2008, 06:20 AM
Hi zupergames.

It was just that it didn't seem appropriate to post fixes to Av Arcade via a link to another site.

By all means put the url up again and I will leave it to Andy as to whether he thinks it is appropriate or not.

If you have fixes for other vulnerabilities, could please post them in this forum as well so others can see them without leaving the forum.

Thanks.

zupergames
07-22-2008, 08:22 PM
Hi zupergames.

By all means put the url up again and I will leave it to Andy as to whether he thinks it is appropriate or not.

Thanks.

Ok then, here it is again: http://www.zupergames.net/page/2/AVArcade-Hacked-Solution.htm

Again, I have explained there what you have to change in your phpMyAdmin database besides updating to the last version of AVArcade.

nowares
07-24-2008, 12:34 PM
Or just follow this........


If you have been hacked by DEADMASTER

1. You have to log in to your phpMyAdmin
2. Update the name of your website in ava_settings -> field site_name
3. Remove last link from ava_links (the one named www . dizaynturk . net)
4. If you use a custom template, update the template_url from ava_settings (he changed it to default)
(EDIT by NoWares I changed this in the admin cp. But if you want to do it the long way......)

If you have been hacked by MARATONCREW

1. You have to log in to your phpMyAdmin
2. Update the name of your website in ava_settings -> field site_name
3. Remove last link from ava_links (script...)
4. Remove the last page (and probably the single one if you don't have any custom one) from ava_pages (script...)
5. If you use a custom template, update the template_url from ava_settings (he changed it to default)


If you have any questions, drop me an email. Thanks for reading.

Note there both Turkish groups.... I have banned all turkish IPS

masterful
07-25-2008, 11:29 AM
HackeD By ThE.BiLeN & VeZiR.04 & NeTBey

http://blushable.com/

It was just a test of avarcade, I downloaded it about a week ago from avarcade and it is version
AV ARCADE v3.1.2
16th June 2008
avscripts.net

geeknik
07-25-2008, 06:39 PM
Note there both Turkish groups.... I have banned all turkish IPS

I'm sure they are using proxies, so banning Turkish IP addresses won't help.

zupergames
07-26-2008, 06:31 AM
Version 3.1.4 is still having problems. My other site is hacked again (has been updated to 3.1.4 when it was hacked last time).

"H A C K E D !

Turkiye Hack Team

RobiN - DreamTurk - PiT10 - Crazy_King - DarkxBoyZ - Eftalit - UzMaN - n0-SeqReT"

Any ideas?

Oh, and BTW, I can't access the admin panel either (redirects to their site: site [dot] mynet [dot] com [slash] hacked_by_robin )

Edit: It seems that there was another hacker too: www [dot]fastworm [dot] by [dot] ru (he changed the categories in the database)

Edit2: The fastworm website is hacked by STARHACKZ [dot] COM. Awesome! Hackers are being hacked!

Doomm
09-06-2008, 06:22 PM
same problem here! After updating to the last version 3.1.4, my 2 sites were already hacked...

the more important one is onlinegames3.com, hacked by alperenler (another turkish boy:()

what´s the problem with the script buddies???

terrynz
09-29-2008, 03:48 AM
:mad::mad::mad:

hacked-by-ugurdogan

I can't even access the area to fix: http://www.forum.avscripts.net/showpost.php?p=8591&postcount=19
terrynz, you do not have permission to access this page.

Just about had enough of this script and the hacks.

Can someone help to get this sorted, please.

thanks

Andy
09-30-2008, 09:33 PM
Could you link to your site? PM if you like.