[LOL WHOOPS] Recent Downtime [I ATE AN INTERNET] (Thread)

Ok, long story short:
When attempting to ban a certain problem user, the site decided to ban EVERYONE. Through a bit of magic with our new dev, @TrevInc, we were able to restore things to how they were prior, somewhat. The magic comes from the fact that we basically exploited a backdoor(to be fixed ASAP) in our site's code.

It was quite convoluted, summed up by @TrevInc as

XSS via Telnet from within the machine itself over SSH over VNC

And please do yourselves a favor. This is't an excuse to break rules. It's still easily possible to ban you, it just has to be done a different way. Don't make an ass of yourself for nothing. <3

@TrevInc highfive

Hope you guys fix this. Although it'd be funny if one of the mods overlooked this, banned someone, and ended up banning everyone else.

Well, we can always exploit the same backdoor again, and fix things again.

@TrevInc is so awesome I'll give him a brofist,better than highfives.



But really, glad he fixed it.

Admin accidentally an entire site.

Still, good to hear things are working again. Good on ya, @TrevInc.

I tried to think about what I did to get banned, but then I got into a match for LoL and forgot about it.

Handshake @TrevInc

I wonder if other sites do this to their new devs. Break everything, and then see if the new guy can work some miracle to fix it.

@PureBoredom - I'm looking forward to the thread where momo and gar accidentally ban themselves... and then Trev, being the saint/badass that he is, not only unbans them but manages to fix various outstanding site issues.... AT THE SAME TIME.

All kidding aside (assuming this isn't some ploy like Pure said :) ) then good job @TrevInc. Already getting your hands dirty. Good work.

I'm very asdffdsaa about this. Also @Trev, you could have accessed the redis pool through ssh with the account I gave you. No need to hack ;-;

Also, all fix'd.

Well, there are quite a few different places in your stack you could have been handling bans. No superuser permission makes adjusting most of those a pain, if not impossible. The complicated solution was really more dumb luck than anything -- I did it on a whim ^^;

But definitely thanks for letting me know, for future reference. It's a good thing the security hole got patched up too.

Everybody wins~


sounds legit i highfive this guy

I was surprised because I actually thought I got banned for poor grammar.

