Looks like the SRD got hacked.
Moderator: Moderators
Looks like the SRD got hacked.
Apparently the d20 SRD has been hacked. Got some wierd and possibly mailcious message showing up when entering the site from the main entrance.
Keys to the Contract: A crossover between Puella Magi Madoka Magica and Kingdom Hearts.
RadiantPhoenix wrote:The D&D wizard is a work of fiction that has a completely unrealistic expectation of "uses a book".TheFlatline wrote:Legolas/Robin Hood are myths that have completely unrealistic expectation of "uses a bow".
hyzmarca wrote:Well, Mario Mario comes from a blue collar background. He was a carpenter first, working at a construction site. Then a plumber. Then a demolitionist. Also, I'm not sure how strict Mushroom Kingdom's medical licensing requirements are. I don't think his MD is valid in New York.
Wait, the .org site?
Has it been considered abandoned?
Has it been considered abandoned?
Phlebotinum : fleh-bot-ih-nuhm • A glossary of RPG/Dennizen terminology • Favorite replies: [1]
nockermensch wrote:Advantage will lead to dicepools in D&D. Remember, you read this here first!
- RobbyPants
- King
- Posts: 5201
- Joined: Wed Aug 06, 2008 6:11 pm
- Judging__Eagle
- Prince
- Posts: 4671
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: Lake Ontario is in my backyard; Canada
I faound that the d20srd.org site wasn't affected at all by this specific event. The 40k Lexicanum wiki, and a bunch of other domains were affected, however.
The Gaming Den; where Mathematics are rigorously applied to Mythology.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
- Judging__Eagle
- Prince
- Posts: 4671
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: Lake Ontario is in my backyard; Canada
Odd, b/c it was accessible when the Lexicanum (et. al) defacement had happened and I was getting p4r4d0x cr3w's defacement page w Mads Mikkelsen on a bunch of other sites.Surgo wrote:d20srd.org was indeed affected, for a couple days it was entirely inaccessible.
The Gaming Den; where Mathematics are rigorously applied to Mythology.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
It was on and off for a while.
Keys to the Contract: A crossover between Puella Magi Madoka Magica and Kingdom Hearts.
RadiantPhoenix wrote:The D&D wizard is a work of fiction that has a completely unrealistic expectation of "uses a book".TheFlatline wrote:Legolas/Robin Hood are myths that have completely unrealistic expectation of "uses a bow".
hyzmarca wrote:Well, Mario Mario comes from a blue collar background. He was a carpenter first, working at a construction site. Then a plumber. Then a demolitionist. Also, I'm not sure how strict Mushroom Kingdom's medical licensing requirements are. I don't think his MD is valid in New York.
I don't really get why it would get hacked in the first place. What domains were tied to it that were worth the trouble of some hacking to be done?
What I find wrong w/ 4th edition: "I want to stab dragons the size of a small keep with skin like supple adamantine and command over time and space to death with my longsword in head to head combat, but I want to be totally within realistic capabilities of a real human being!" --Caedrus mocking 4rries
"the thing about being Mister Cavern [DM], you don't blame players for how they play. That's like blaming the weather. Weather just is. You adapt to it. -Ancient History
"the thing about being Mister Cavern [DM], you don't blame players for how they play. That's like blaming the weather. Weather just is. You adapt to it. -Ancient History
- Judging__Eagle
- Prince
- Posts: 4671
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: Lake Ontario is in my backyard; Canada
From what I gathered from the defacement page that went up on all of the domains, the hackers are trying to get the admin to tighten up a wide range of security faults that these hackers had been warning about, and defacing webpages, previously. Supposedly this was the second time something like this has happened, although it might have been the third; I can't recall the details of the defacement page.Aryxbez wrote:I don't really get why it would get hacked in the first place. What domains were tied to it that were worth the trouble of some hacking to be done?
The defacement page went on to inform the admins that they should clean up all backdoor access to their various domains, with a warning that they would delete all domains if the security holes that had been ID'd earlier weren't fixed up.
Truth be told, the reasons for the hack seem benign. If it was a malicious hack, content would have simply been deleted without any warning; even a partial deletion of wiki entries would be fairly severe to recover from. Instead, they posted a warning to the admin(s) regarding the nature of the hack, and incentive to prevent the domains from being compromised again.
Last edited by Judging__Eagle on Sun Aug 20, 2017 6:42 pm, edited 3 times in total.
The Gaming Den; where Mathematics are rigorously applied to Mythology.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
That hardly seems benign. That's like breaking into someone's home, vandalizing some stuff, and then leaving a note saying "your locks suck, get new ones."
Last edited by Wiseman on Mon Aug 21, 2017 12:36 am, edited 1 time in total.
Keys to the Contract: A crossover between Puella Magi Madoka Magica and Kingdom Hearts.
RadiantPhoenix wrote:The D&D wizard is a work of fiction that has a completely unrealistic expectation of "uses a book".TheFlatline wrote:Legolas/Robin Hood are myths that have completely unrealistic expectation of "uses a bow".
hyzmarca wrote:Well, Mario Mario comes from a blue collar background. He was a carpenter first, working at a construction site. Then a plumber. Then a demolitionist. Also, I'm not sure how strict Mushroom Kingdom's medical licensing requirements are. I don't think his MD is valid in New York.
- JonSetanta
- King
- Posts: 5579
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: interbutts
- RobbyPants
- King
- Posts: 5201
- Joined: Wed Aug 06, 2008 6:11 pm
It used to be that, if you kicked a few bucks their way, you could get a zip file that didn't have any embedded ads and was organized a little more nicely than what you'd get if you spidered the site. The directory tree that I have from decompressing everything is 35 MB in size. (Their FAQ now says that there are no downloads available.)RobbyPants wrote:How big is it?
Have you looked at dndsrd.net? There is an html SRD download. I've not evaluated how useful or feature rich the data is from them.
EDIT: the download is a complete replication of the online site. Size of extracted archive: 43Mb
EDIT: the download is a complete replication of the online site. Size of extracted archive: 43Mb
Last edited by Harshax on Mon Aug 21, 2017 3:24 pm, edited 1 time in total.
- Judging__Eagle
- Prince
- Posts: 4671
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: Lake Ontario is in my backyard; Canada
When someone gets access to an unsecured (i.e. no password, "locks" etc.) backdoor for a large amount of webpages across several web domains (certainly nothing like a "house"; more like a college campus), for the second time, is able to affect a whole range of domains (which obviously weren't compartmentalized by any means), deletes not a single files and gives warning that they will delete files if the glaring security flaws aren't fixed... it's not like any malign hack that I've ever heard about in the slightest.Wiseman wrote:That hardly seems benign. That's like breaking into someone's home, vandalizing some stuff, and then leaving a note saying "your locks suck, get new ones."
Since it's not a malicious hack attempt (no files stolen/deleted, no databases compromised/copied), the extent of damage done is limited to "inserting a single html file for all the domains to redirect to", the hacker tells the admin the methods by which they attained access, and essentially asks for the data on the various domains to be protected from an potentially malicious future attacks; it's really hard to classify this as remotely malicious.
If it wasn't benign, key index pages would be deleted (if not whole databases purged), the methods by which access was attained wouldn't be revealed, and certainly would there not be any sort of statement regarding securing the affected domains with better security in light of an upcoming domain attack.
Now, defacing a website isn't white hat hacking; but the rest of their actions are fairly white hat-like. It's a gray hat action if anything, but it's certainly nothing like black hat hacking.
The Gaming Den; where Mathematics are rigorously applied to Mythology.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
While everyone's Philosophy is not in accord, that doesn't mean we're not on board.
- JonSetanta
- King
- Posts: 5579
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: interbutts
17.4 megsRobbyPants wrote:How big is it?JonSetanta wrote:And that's why I saved the SRD to my laptop.
The Adventurer's Almanac wrote: ↑Fri Oct 01, 2021 10:25 pmNobody gives a flying fuck about Tordek and Regdar.
- JonSetanta
- King
- Posts: 5579
- Joined: Fri Mar 07, 2008 7:54 pm
- Location: interbutts
See if this helps.
Apologies to FBMF if this isn't allowed, I would not know until it's too late.
https://www.4shared.com/zip/fsZ-L2twei/ ... eb_08.html
Apologies to FBMF if this isn't allowed, I would not know until it's too late.
https://www.4shared.com/zip/fsZ-L2twei/ ... eb_08.html
The Adventurer's Almanac wrote: ↑Fri Oct 01, 2021 10:25 pmNobody gives a flying fuck about Tordek and Regdar.