Results 1 to 18 of 18

Thread: AVA 3.1.4 Released

  1. #1
    AV Scripts Founder
    Join Date
    Oct 2006
    Posts
    8,717

    Default AVA 3.1.4 Released

    Hi everyone,

    Many AVA sites were today hacked, but this update will fix this security problem.

    You can find the usual downloads here: http://avscripts.net/downloads/index...me=AV%20Arcade

    What happened? Carelessness. An old file was left in the zip of AV Arcade installs which allowed the hackers to access the admin and make modifications. This update replaces that file with an empty one.

    If your site was hacked, follow these steps to get your site back: http://www.forum.avscripts.net/showp...1&postcount=19

    Thanks for the support everyone.

    Andy
    Wherever possible, please use the forum to ask for support rather than sending me a PM
    I help where I can with code changes/modification but overall: if the script doesn't do something you want it to do, please suggest it for a future update.

  2. #2
    Junior Member
    Join Date
    Jul 2008
    Posts
    17

    Default

    thanx but what the file i replace ? or install all script again?

  3. #3
    AV Scripts Founder
    Join Date
    Oct 2006
    Posts
    8,717

    Default

    Download the update which applies to you, the instructions tell you what files need to be uploaded.
    Wherever possible, please use the forum to ask for support rather than sending me a PM
    I help where I can with code changes/modification but overall: if the script doesn't do something you want it to do, please suggest it for a future update.

  4. #4
    Junior Member
    Join Date
    Jul 2008
    Posts
    17

    Default

    done

    thanx andy plz visite my post

    http://www.forum.avscripts.net/showt...=8592#post8592

  5. #5
    License owner
    Join Date
    Dec 2007
    Location
    Cairns, Australia
    Posts
    612

    Default

    Thanks Andy.

    All updated.

    Was also a reminder to myself to back up my sites again.
    I'm the friggin' happiness fairy
    I've sprinkled happy dust on you
    Now smile dammit - this stuff is expensive

    Free Online Flash Games | eOnline Games | Fun Free Games| Web Flash Games | Mutha
    Domain Names - Hosting - Feral Domains

  6. #6
    License owner
    Join Date
    Jul 2008
    Location
    NoWares
    Posts
    1,518

    Default

    thanks for the update.... the 'hacker' was really doesn't have a clue, some script kiddie that found a sploit posted somewhere.

    He has profiles all over the place asking dumb questions.
    http://forum.mininova.org/index.php?showuser=1096

    I bet he just found a hackers site and is going thro some tutorials or something.

    Maybe people should try rewording the "Powered by AV Arcade v3." text in the global footer... remember it's againts TOS to remove it, so just changing it a little should stop it being Dorked
    Twitter: @mradamdavies

  7. #7
    Junior Member
    Join Date
    Jul 2008
    Posts
    7

    Default

    If you want to see details on how to recover your full database information go to removed
    Last edited by MudGuts; 07-21-2008 at 09:03 AM.

  8. #8
    License owner
    Join Date
    Dec 2007
    Location
    Cairns, Australia
    Posts
    612

    Default

    Quote Originally Posted by nowares View Post
    thanks for the update.... the 'hacker' was really doesn't have a clue, some script kiddie that found a sploit posted somewhere.
    Hi nowares.

    Have looked arounsd for the exploit post but have not been successful so far.

    There seems to be 2 distinct exploits being used.

    One is a sql injection, which 3.1.4 update will plug, while the other is a code attack.

    I am thinking that without any further proof, the code exploit may be caused by someones file permissions being too loose. Not sure.
    I'm the friggin' happiness fairy
    I've sprinkled happy dust on you
    Now smile dammit - this stuff is expensive

    Free Online Flash Games | eOnline Games | Fun Free Games| Web Flash Games | Mutha
    Domain Names - Hosting - Feral Domains

  9. #9
    Junior Member
    Join Date
    Jul 2008
    Posts
    7

    Default

    MudGuts, why did you removed the link? I was only trying to help. When my sites got hacked, I've updated to the new version(as written here in the forum), but there were still some problems left. I just wrote how to solve those. So why did you deleted the link??

  10. #10
    License owner
    Join Date
    Dec 2007
    Location
    Cairns, Australia
    Posts
    612

    Default

    Hi zupergames.

    It was just that it didn't seem appropriate to post fixes to Av Arcade via a link to another site.

    By all means put the url up again and I will leave it to Andy as to whether he thinks it is appropriate or not.

    If you have fixes for other vulnerabilities, could please post them in this forum as well so others can see them without leaving the forum.

    Thanks.
    I'm the friggin' happiness fairy
    I've sprinkled happy dust on you
    Now smile dammit - this stuff is expensive

    Free Online Flash Games | eOnline Games | Fun Free Games| Web Flash Games | Mutha
    Domain Names - Hosting - Feral Domains

  11. #11
    Junior Member
    Join Date
    Jul 2008
    Posts
    7

    Default

    Quote Originally Posted by MudGuts View Post
    Hi zupergames.

    By all means put the url up again and I will leave it to Andy as to whether he thinks it is appropriate or not.

    Thanks.
    Ok then, here it is again: http://www.zupergames.net/page/2/AVA...d-Solution.htm

    Again, I have explained there what you have to change in your phpMyAdmin database besides updating to the last version of AVArcade.

  12. #12
    License owner
    Join Date
    Jul 2008
    Location
    NoWares
    Posts
    1,518

    Default

    Or just follow this........


    If you have been hacked by DEADMASTER

    1. You have to log in to your phpMyAdmin
    2. Update the name of your website in ava_settings -> field site_name
    3. Remove last link from ava_links (the one named www . dizaynturk . net)
    4. If you use a custom template, update the template_url from ava_settings (he changed it to default)
    (EDIT by NoWares I changed this in the admin cp. But if you want to do it the long way......)

    If you have been hacked by MARATONCREW

    1. You have to log in to your phpMyAdmin
    2. Update the name of your website in ava_settings -> field site_name
    3. Remove last link from ava_links (script...)
    4. Remove the last page (and probably the single one if you don't have any custom one) from ava_pages (script...)
    5. If you use a custom template, update the template_url from ava_settings (he changed it to default)


    If you have any questions, drop me an email. Thanks for reading.

    Note there both Turkish groups.... I have banned all turkish IPS
    Last edited by nowares; 07-24-2008 at 08:46 PM.
    Twitter: @mradamdavies

  13. #13
    License owner
    Join Date
    Jul 2008
    Posts
    29

    Default

    HackeD By ThE.BiLeN & VeZiR.04 & NeTBey

    http://blushable.com/

    It was just a test of avarcade, I downloaded it about a week ago from avarcade and it is version
    AV ARCADE v3.1.2
    16th June 2008
    avscripts.net

  14. #14
    Junior Member
    Join Date
    Jun 2008
    Posts
    11

    Default

    Quote Originally Posted by nowares View Post
    Note there both Turkish groups.... I have banned all turkish IPS
    I'm sure they are using proxies, so banning Turkish IP addresses won't help.

  15. #15
    Junior Member
    Join Date
    Jul 2008
    Posts
    7

    Default

    Version 3.1.4 is still having problems. My other site is hacked again (has been updated to 3.1.4 when it was hacked last time).

    "H A C K E D !

    Turkiye Hack Team

    RobiN - DreamTurk - PiT10 - Crazy_King - DarkxBoyZ - Eftalit - UzMaN - n0-SeqReT"

    Any ideas?

    Oh, and BTW, I can't access the admin panel either (redirects to their site: site [dot] mynet [dot] com [slash] hacked_by_robin )

    Edit: It seems that there was another hacker too: www [dot]fastworm [dot] by [dot] ru (he changed the categories in the database)

    Edit2: The fastworm website is hacked by STARHACKZ [dot] COM. Awesome! Hackers are being hacked!
    Last edited by zupergames; 07-26-2008 at 07:41 AM.

  16. #16
    License owner
    Join Date
    Jun 2008
    Posts
    21

    Default

    same problem here! After updating to the last version 3.1.4, my 2 sites were already hacked...

    the more important one is onlinegames3.com, hacked by alperenler (another turkish boy)

    what´s the problem with the script buddies???

  17. #17
    Junior Member
    Join Date
    Sep 2008
    Location
    Rotorua, New Zealand
    Posts
    1

    Default hacked again for the 3rd time since upgraded to 3.1.4



    hacked-by-ugurdogan

    I can't even access the area to fix: http://www.forum.avscripts.net/showp...1&postcount=19
    terrynz, you do not have permission to access this page.

    Just about had enough of this script and the hacks.

    Can someone help to get this sorted, please.

    thanks

  18. #18
    AV Scripts Founder
    Join Date
    Oct 2006
    Posts
    8,717

    Default

    Could you link to your site? PM if you like.
    Wherever possible, please use the forum to ask for support rather than sending me a PM
    I help where I can with code changes/modification but overall: if the script doesn't do something you want it to do, please suggest it for a future update.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •