September 18, 2022 at 8:46 PM
Some russian skids were crawling my site with user-agent value set to "gamesense.fun" so I decided to check their website... also FYI; this is not their first time getting breached whatsoever
Website: gamesense.fun ― https://web.archive.org/web/20220918203223/https://gamesense.fun/
Backend IP: 45.130.41.76
SMTP: [email protected]:lwL*x0BL
Compromised users: 150
Date of Breach: 18th September 2022
Attack vector: blind SQLi
Contains both, hashed passwords in SHA1( $password ) and plain text versions stored in the "nopass" column.
Download:
https://dataism-x.com/en/h4CAlMOUb6zWc94/file
https://mir.cr/0PA7NJNK
Website: gamesense.fun ― https://web.archive.org/web/20220918203223/https://gamesense.fun/
Backend IP: 45.130.41.76
SMTP: [email protected]:lwL*x0BL
Compromised users: 150
Date of Breach: 18th September 2022
Attack vector: blind SQLi
Contains both, hashed passwords in SHA1( $password ) and plain text versions stored in the "nopass" column.
Table structureSpoiler
CREATE TABLE `users` (
`id` int(10) UNSIGNED NOT NULL,
`group_id` int(10) UNSIGNED NOT NULL DEFAULT '3',
`username` varchar(200) NOT NULL DEFAULT '',
`password` varchar(40) NOT NULL DEFAULT '',
`email` varchar(80) NOT NULL DEFAULT '',
`title` varchar(50) DEFAULT NULL,
`realname` varchar(40) DEFAULT NULL,
`url` varchar(100) DEFAULT NULL,
`jabber` varchar(80) DEFAULT NULL,
`icq` varchar(12) DEFAULT NULL,
`msn` varchar(80) DEFAULT NULL,
`aim` varchar(30) DEFAULT NULL,
`yahoo` varchar(30) DEFAULT NULL,
`location` varchar(30) DEFAULT NULL,
`signature` text,
`disp_topics` tinyint(3) UNSIGNED DEFAULT NULL,
`disp_posts` tinyint(3) UNSIGNED DEFAULT NULL,
`email_setting` tinyint(1) NOT NULL DEFAULT '1',
`notify_with_post` tinyint(1) NOT NULL DEFAULT '0',
`auto_notify` tinyint(1) NOT NULL DEFAULT '0',
`show_smilies` tinyint(1) NOT NULL DEFAULT '1',
`show_img` tinyint(1) NOT NULL DEFAULT '1',
`show_img_sig` tinyint(1) NOT NULL DEFAULT '1',
`show_avatars` tinyint(1) NOT NULL DEFAULT '1',
`show_sig` tinyint(1) NOT NULL DEFAULT '1',
`timezone` float NOT NULL DEFAULT '0',
`dst` tinyint(1) NOT NULL DEFAULT '0',
`time_format` tinyint(1) NOT NULL DEFAULT '0',
`date_format` tinyint(1) NOT NULL DEFAULT '0',
`language` varchar(25) NOT NULL DEFAULT 'English',
`style` varchar(25) NOT NULL DEFAULT 'Cobalt',
`num_posts` int(10) UNSIGNED NOT NULL DEFAULT '0',
`last_post` int(10) UNSIGNED DEFAULT NULL,
`last_search` int(10) UNSIGNED DEFAULT NULL,
`last_email_sent` int(10) UNSIGNED DEFAULT NULL,
`last_report_sent` int(10) UNSIGNED DEFAULT NULL,
`registered` int(10) UNSIGNED NOT NULL DEFAULT '0',
`registration_ip` varchar(39) NOT NULL DEFAULT '0.0.0.0',
`last_visit` int(10) UNSIGNED NOT NULL DEFAULT '0',
`admin_note` varchar(30) DEFAULT NULL,
`activate_string` varchar(80) DEFAULT NULL,
`activate_key` varchar(8) DEFAULT NULL,
`messages_enable` tinyint(1) NOT NULL DEFAULT '1',
`messages_email` tinyint(1) NOT NULL DEFAULT '0',
`messages_flag` tinyint(1) NOT NULL DEFAULT '0',
`messages_new` int(10) UNSIGNED NOT NULL DEFAULT '0',
`messages_all` int(10) UNSIGNED NOT NULL DEFAULT '0',
`pmsn_last_post` int(10) UNSIGNED DEFAULT NULL,
`csgo` datetime DEFAULT NULL,
`discord` text,
`hwid` text,
`discord_reason` text,
`hwid_reason` text,
`hwid_ip` text,
`hwid_ip_new` text,
`discord_ip` text,
`discord_ip_new` text,
`discord_new` text,
`hwid_new` text,
`img_key` text,
`ga` text,
`ga_enabled` varchar(1) NOT NULL DEFAULT '0',
`by` int(11) DEFAULT NULL,
`used_version` decimal(10,1) DEFAULT NULL,
`nopass` varchar(255) DEFAULT NULL,
`nopass_new` varchar(255) DEFAULT NULL,
`win` varchar(32) DEFAULT NULL,
`lose` varchar(32) DEFAULT NULL,
`lastauth` datetime DEFAULT NULL,
`token` text
) ENGINE=MyISAM DEFAULT CHARSET=utf8;Download:
https://dataism-x.com/en/h4CAlMOUb6zWc94/file
https://mir.cr/0PA7NJNK
