Geekhack updates: WE ARE BACK

mintberryminuscrunch

19 Jul 2012, 19:48

The_Ed wrote:It says my password is wrong. And even when I type it in manually (instead of chrome autotfill) it still says it's wrong.
no passwords were transferred to the new website, so it can't be right, whatever you type!

User avatar
The_Ed
Asperger's... SQUIRREL!

19 Jul 2012, 19:51

17 tries now. mkawa or somebody else needs to MANUALLY send me a password reset email. Or just let me use my original password, which I will then change after I'm in. Whatever is easier for me to gain access.

metafour

19 Jul 2012, 19:52

LittleStevieWonder wrote:Nope.

Any other ideas?

This post from Mkawa gives me little hope.


http://deskthority.net/geekhacker-refug ... tml#p58945
IDK, maybe you're banned...

User avatar
inlikeflynn

19 Jul 2012, 19:54

The_Ed wrote:Why couldn't I just login with my previous password and then be forced to change it with a popup? That would have been a much easier method.
The old password db got compromised during the hacks, so it would have been a risk to continue using it.
You can see this in the r00tworm txt file as part of the password hashes for vBultin are out there.

hope this is no longer an admin password
gh_maverick.png
gh_maverick.png (262.13 KiB) Viewed 31503 times

User avatar
webwit
Wild Duck

19 Jul 2012, 19:54

No ptr record, this makes some mail servers reject mail as spam. Should be fixed by the company which handed out your ip number. Tell them you need a ptr record and give your ip number (65.111.241.203) and name (geekhack.org).

Code: Select all

>dig ptr 203.241.111.65.in-addr.arpa

; <<>> DiG 9.4.3-P2 <<>> ptr 203.241.111.65.in-addr.arpa
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24234
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;203.241.111.65.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
203.241.111.65.in-addr.arpa. 3600 IN    PTR     runt-1.uhhh.org.

;; AUTHORITY SECTION:
241.111.65.in-addr.arpa. 3600   IN      NS      ns1.lldc.net.
241.111.65.in-addr.arpa. 3600   IN      NS      ns2.lldc.net.

;; ADDITIONAL SECTION:
ns1.lldc.net.           3600    IN      A       65.111.253.142
ns2.lldc.net.           3600    IN      A       65.124.105.6

;; Query time: 307 msec
;; SERVER: 67.19.0.10#53(67.19.0.10)
;; WHEN: Thu Jul 19 19:50:11 2012
;; MSG SIZE  rcvd: 150

metafour

19 Jul 2012, 19:59

inlikeflynn wrote:
The_Ed wrote:Why couldn't I just login with my previous password and then be forced to change it with a popup? That would have been a much easier method.
The old password db got compromised during the hacks, so it would have been a risk to continue using it.
You can see this in the r00tworm txt file as part of the password hashes for vBultin are out there.

hope this is no longer an admin password
Was there a disclosure about this from any of the GH mods?

I scrolled through some of the r00tw0rm release when it was first posted which seemed to indicate they got shell access. I never saw a transparent postmortem from anyone though which concerns me.

User avatar
The_Ed
Asperger's... SQUIRREL!

19 Jul 2012, 20:06

webwit wrote:No ptr record, this makes some mail servers reject mail as spam. Should be fixed by the company which handed out your ip number. Tell them you need a ptr record and give your ip number (65.111.241.203) and name (geekhack.org).

Code: Select all

>dig ptr 203.241.111.65.in-addr.arpa

; <<>> DiG 9.4.3-P2 <<>> ptr 203.241.111.65.in-addr.arpa
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24234
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;203.241.111.65.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
203.241.111.65.in-addr.arpa. 3600 IN    PTR     runt-1.uhhh.org.

;; AUTHORITY SECTION:
241.111.65.in-addr.arpa. 3600   IN      NS      ns1.lldc.net.
241.111.65.in-addr.arpa. 3600   IN      NS      ns2.lldc.net.

;; ADDITIONAL SECTION:
ns1.lldc.net.           3600    IN      A       65.111.253.142
ns2.lldc.net.           3600    IN      A       65.124.105.6

;; Query time: 307 msec
;; SERVER: 67.19.0.10#53(67.19.0.10)
;; WHEN: Thu Jul 19 19:50:11 2012
;; MSG SIZE  rcvd: 150
So THIS is the reason I can't get into GH? If so how long does it take to fix?

User avatar
webwit
Wild Duck

19 Jul 2012, 20:09

Probably the time the ISP needs to address the support ticket + max 24 hours for dns.

xbb

19 Jul 2012, 20:39

inlikeflynn wrote:
The_Ed wrote:Why couldn't I just login with my previous password and then be forced to change it with a popup? That would have been a much easier method.
The old password db got compromised during the hacks, so it would have been a risk to continue using it.
Also, It's not possible to import them to a new system if they are hashed differently.

User avatar
eth0s

19 Jul 2012, 21:17

Yeah, I can't log in either. GH doesn't recognize my old password, and won't send me an email to reset a new password. So whatever, it's still busted, at least for me.

User avatar
The_Ed
Asperger's... SQUIRREL!

19 Jul 2012, 22:20

I believe I'm up to 20 tries now... If webwit is right on the missing pointer record it needs to be fixed asap. There is probably a good amount of people who still can't get in because they never receive the password reset emails that are supposedly sent.

User avatar
webwit
Wild Duck

19 Jul 2012, 22:27

We had the same problem at one point... sometimes people didn't get their activation email. I looked into it when the problem grew sometime last year. It turned out this is a mechanism to prevent spam, with growing popularity. It's a very simple reverse dns mechanism. It checks if the IP number that is sending mail from foobar at example.com is indeed affiliated with example.com. Without it, a spammer could use foobar at example.com as the from address. This might not necessarily be the solution to geekhack's problem, as I don't know how they are sending mail (maybe by 3rd party). But they definitely don't have a ptr record.

User avatar
quake4mhger

20 Jul 2012, 07:34

I login with old password, read the note, change to a new password, edit profile, upload an avatar, in 5 minutes :)

Parabellum

20 Jul 2012, 10:58

I wish I could log in..

User avatar
megnin

20 Jul 2012, 14:13

Yeah, I wish I could log in, too. I never get the email. Tried entering just username and email address. Both say an email has been sent, click the link to reset password, buy I never get the email. Checked spam folder, etc.

User avatar
kbdfr
The Tiproman

20 Jul 2012, 15:27

Had no problem logging in (several times), never got the email, though.
So I changed the password in my profile.

mkawa

20 Jul 2012, 16:46

tweaking mail settings. stand by

ripster

20 Jul 2012, 17:28

?

I had no problems logging in.

User avatar
dirge

20 Jul 2012, 18:14

So images and ban list broken?

User avatar
MadScienitst46

20 Jul 2012, 18:28

mkawa wrote:tweaking mail settings. stand by
works for me now!
thanks!

Parabellum

20 Jul 2012, 19:47

Really? The link in the mail just takes me right back to the authentication reminder.

Limmy

20 Jul 2012, 19:50

It works for me too. Thanks!

User avatar
MadScienitst46

20 Jul 2012, 19:52

Parabellum wrote:Really? The link in the mail just takes me right back to the authentication reminder.
clicking the ink didn't work for me neither, but copy/past the address did o.0

User avatar
thegunner100

20 Jul 2012, 19:58

Going to "Forgot your password?" worked for me. But where's the spy?!

Parabellum

20 Jul 2012, 20:13

MadScienitst46 wrote:
Parabellum wrote:Really? The link in the mail just takes me right back to the authentication reminder.
clicking the ink didn't work for me neither, but copy/past the address did o.0
Thanks! ;)

User avatar
webwit
Wild Duck

20 Jul 2012, 20:14

"Users active in past 60 minutes"

It's showing double the amount of users "online" compared to the old geekhack, where this was an already generous 30 minutes. :mrgreen:

User avatar
thegunner100

20 Jul 2012, 20:15

Would be nice if we could get a bigger editting box. The current one is pretty tiny =/

User avatar
rknize

20 Jul 2012, 22:01

You can also just go into your profile and change your password there. If you are still having issues getting access due to missing emails/etc, shoot me, mkawa, or alaricljs a PM here on DT.

mintberryminuscrunch

20 Jul 2012, 22:07

thegunner100 wrote:Going to "Forgot your password?" worked for me. But where's the spy?!
That worked for me, thx

User avatar
The_Ed
Asperger's... SQUIRREL!

21 Jul 2012, 07:49

Thanks for the manual reset mkawa. I guess comcast doesn't like the missing pointer record.

Post Reply

Return to “Geekhacker refugee camp”