BetaArchive Logo
Navigation Home Screenshots Image Uploader Server Info FTP Servers Wiki Forum RSS Feed Rules Please Donate
UP: 52d, 0h, 49m | CPU: 13% | MEM: 5706MB of 10754MB used
{The community for beta collectors}

Post new topic Reply to topic  [ 18 posts ] 
Author Message
 PostPost subject: (old) BetaArchive.co.uk Database Leaked        Posted: Sat Jul 18, 2009 9:23 pm 
Reply with quote
Everyone should know this, as it affects everyone. The BetaArchive Database has leaked. I strongly urge everybody to change their passwords immediately. The database is currently making it's way around certain IRC networks. For proof, I offer you all this -
Image
Image


Top
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sat Jul 18, 2009 9:37 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
This leak is from over 6 months ago, a leak we are aware of. Everyone has already changed their passwords. There isn't much I can do about this leak.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sat Jul 18, 2009 9:40 pm 
Reply with quote
Am I affected? I registered on April, Tom says I'm fine


Top
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sat Jul 18, 2009 9:41 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
No, this happened around Dec 08/Jan 09. You are unaffected.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 2:21 am 
Reply with quote
Donator
Offline

Joined
Fri Oct 26, 2007 5:12 pm

Posts
2461
LEt me guess, Zimmy sent you this?


Top  Profile
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 11:22 am 
Reply with quote
Donator
Offline

Joined
Mon Feb 25, 2008 3:57 am

Posts
429

Location
Greece

Favourite OS
Windows 7 Ultimate x64 SP1
CRAP, I didn't change It. [censored]!


Top  Profile
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 11:30 am 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Hacker?pcs wrote:
CRAP, I didn't change It. [censored]!


I hope you have now that you have mentioned it here...

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 12:00 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Wed Apr 11, 2007 2:11 pm

Posts
2607

Location
Germany, Earth

Favourite OS
Windows 10
Aren't the passwords in the database encrypted anyway?

_________________
MS vNext: Windows 10 ESD Database - Windows 10 Build Labs - Windows 10 Update Archive - Office 2016 Version Tracker - Office Downloader


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 12:01 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Daniel wrote:
Aren't the passwords in the database encrypted anyway?


Yes but md5 is quite easily brute forcable these days.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 1:43 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Nov 09, 2008 12:09 am

Posts
2480

Location
Bristol, UK

Favourite OS
Windows 8
SIGH

Offtopic Comment
could the topic have it's urgent thing replaced with old or similar?

_________________
Image


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Sun Jul 19, 2009 3:05 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Rioter wrote:
SIGH

Offtopic Comment
could the topic have it's urgent thing replaced with old or similar?


Good idea. Don't want everyone getting worried.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Mon Jul 20, 2009 9:53 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Thu Nov 30, 2006 6:10 pm

Posts
2648

Location
Land of The Tea.

Favourite OS
Windows 10 Pro x64
Idiot's of teh interwebz
One of witch is me:)

_________________
Image
| Personal site - Social links - PC setup | TF2 Game Servers |
Liking traps isn't gay, its not gay if it looks like a girl
I-i-it's n-not as if I wanted to ban you or anything. B-baka. (「・ω・)「


Top  Profile  WWW
 PostPost subject: Re: (URGENT) BetaArchive.co.uk Database Leaked        Posted: Mon Sep 28, 2009 6:02 pm 
Reply with quote
FTP Access
Offline

Joined
Mon Aug 31, 2009 6:21 pm

Posts
283

Location
Norway

Favourite OS
Windows 2K sp4/Linux Mint
Andy wrote:
Daniel wrote:
Aren't the passwords in the database encrypted anyway?


Yes but md5 is quite easily brute forcable these days.

A little off-topic question. Are only md5 easy to bruteforce, or is sha-1 and many of the other encryptions methods easy to?


Top  Profile
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Mon Sep 28, 2009 7:25 pm 
Reply with quote
Donator
Offline

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
Well, MD5 is easier to brute force than say, SHA1, because it's shorter. MD5 produces a 128bit hash value, SHA1 produces 160bit, which increases the number of possible values by 2^32.

Brute forcing takes a lot of time though, unless you have a CUDA-enabled Graphics Card, so there are two other options:

- Rainbow Tables, which have a range of pre-calculated passwords with their MD5 hashes. It's a common method these days, being able to crack more passwords, at the expense of either a relatively long generation time, or a sizeable download. It's also defeated if the forum is say, phpBB3 or IPB 2/3, which salt their passwords, meaning you must know the salt too, and makes Rainbow Tables relatively ineffective, as they must be so much larger to counter the salts as well.

- Dictionary Cracks, which is basically just throwing a large dictionary. Different cracking software can also put dictionaries together to catch even more words, and rotate commonly associated letters and numbers, like changing 'e' to '3'. While it won't crack any well-thought-out password, or foreign passwords, it'll still catch more passwords than it doesn't in my experience. I'd say even on a knowledgeable tech forum like this, a reasonable dictionary attack could crack around 60% or more of the passwords.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Top  Profile  WWW
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Mon Sep 28, 2009 8:40 pm 
Reply with quote
FTP Access
Offline

Joined
Mon Aug 31, 2009 6:21 pm

Posts
283

Location
Norway

Favourite OS
Windows 2K sp4/Linux Mint
Thanks, didn't now all that.

But why use md5 when you can use something more secure? By myself i use sha1 for my phpscripts, but i've read that sha1 is a bit outdated now, and its made an better replacement.


Top  Profile
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Tue Sep 29, 2009 1:01 am 
Reply with quote
Donator
Offline

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
hakon wrote:
Thanks, didn't now all that.

But why use md5 when you can use something more secure? By myself i use sha1 for my phpscripts, but i've read that sha1 is a bit outdated now, and its made an better replacement.


Why use SHA1s for Forums when you can get away with salted MD5s, that are just that little bit quicker to generate.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Top  Profile  WWW
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Thu Oct 01, 2009 8:42 am 
Reply with quote
Offline

Joined
Mon Aug 17, 2009 10:23 am

Posts
473

Favourite OS
Dancing Banana
If they brute force the MD5 it's likely they get another password that hashes to the same MD5 string.. so at least the original password is a little safer... but not really anything to be happy about. Md5'ing takes very little time when combined in with all the other processing phpbb does and it still takes some effort to crack.. not worth it for just BA if you ask me..

@Andy how did it get leaked... you didn't use 'password' as the password did you :mrgreen:


Top  Profile
 PostPost subject: Re: (old) BetaArchive.co.uk Database Leaked        Posted: Thu Oct 15, 2009 10:24 am 
Reply with quote
Donator
Offline

Joined
Fri Oct 26, 2007 5:12 pm

Posts
2461
monkey56657 wrote:
@Andy how did it get leaked... you didn't use 'password' as the password did you :mrgreen:


viewtopic.php?f=1&t=6390

Gives you something to read while you're on the toilet


Top  Profile
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ] 




Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

All views expressed in these forums are those of the author and do not necessarily represent the views of the BetaArchive site owner.

Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018

 

Sitemap | XML | RSS