Jump to content

Account hacking (Leo)


Guest Elijah Mikaelson
 Share

Recommended Posts

2 minutes ago, James II said:

I've seen logs and screen shots but I see no proof of hacking. Only that Gorge knew he had the ability to do so to remove BK members via a third party log in to Leo's account that he was given access to by Leo.

 And about 21 minutes after he says this, BK starts getting kicked, to the consternation of your coalition, including one where Cooper indicates that if it's George, he should be expelled from the coalition.

.

Link to comment
Share on other sites

2 minutes ago, Inst said:

 And about 21 minutes after he says this, BK starts getting kicked, to the consternation of your coalition, including one where Cooper indicates that if it's George, he should be expelled from the coalition.

He also shared that information with a lot of people, including people who had the same access he did.

"Most successful new AA" - Samuel Bates

Link to comment
Share on other sites

19 minutes ago, James II said:

He also shared that information with a lot of people, including people who had the same access he did.

That's rather ridiculous, isn't it? If you're saying he shared a strategic weapon with your side, that would be pure folly because he wouldn't have guarantees that the one-use weapon would be used at appropriate and useful sides. And it's still something that happened on your side.

 

On the BK side, the timing of the attack was especially unfortunate since many BK government members were offline at that moment. It could have been far worse and the alliance could have been fully disbanded, but the slow rate of attack resulted in its discovery and abortion. Leo, moreover, had personal business to attend to at the time which George would have known. In other words, there's a difference between shooting yourself in the leg to claim you were assaulted and shooting yourself in the head.

 

Put it another way, which is more plausible? That George had begun the attack 21 minutes after talking about it openly, or that BK had somehow perfectly timed it to coincide with low government activity and George's departure?

 

===

 

Personally, from your response, I think you know just as well as I do Geroge did it. Problem is, it's not politically convenient for your side to admit such. It's a constant affair of deflection and introducing "whataboutisms" to create uncertainty, which simply reflects the fact.


On my side, the nature of the attack (Leo's machine was compromised and used to kick members) means that it does not require Alex's intervention, since, as you've said, this is more a matter for law enforcement agencies (who won't intervene as I've shown). Still, a fundamental commitment to truth (i.e, you can leave the BS to other KERCHTOG$+TCW+Fark members) is one of the things that give us dignity.

Edited by Inst

.

Link to comment
Share on other sites

9 minutes ago, Inst said:

That's rather ridiculous, isn't it? If you're saying he shared a strategic weapon with your side, that would be pure folly because he wouldn't have guarantees that the one-use weapon would be used at appropriate and useful sides. And it's still something that happened on your side.

 

On the BK side, the timing of the attack was especially unfortunate since many BK government members were offline at that moment. It could have been far worse and the alliance could have been fully disbanded, but the slow rate of attack resulted in its discovery and abortion. Leo, moreover, had personal business to attend to at the time which George would have known. In other words, there's a difference between shooting yourself in the leg to claim you were assaulted and shooting yourself in the head.

 

Put it another way, which is more plausible? That George had begun the attack 21 minutes after talking about it openly, or that BK had somehow perfectly timed it to coincide with low government activity and George's departure?

 

===

 

Personally, from your response, I think you know just as well as I do Geroge did it. Problem is, it's not politically convenient for your side to admit such. It's a constant affair of deflection and introducing "whataboutisms" to create uncertainty, which simply reflects the fact.


On my side, the nature of the attack (Leo's machine was compromised and used to kick members) means that it does not require Alex's intervention, since, as you've said, this is more a matter for law enforcement agencies (who won't intervene as I've shown). Still, a fundamental commitment to truth (i.e, you can leave the BS to other KERCHTOG$+TCW+Fark members) is one of the things that give us dignity.

Is the IP address on BKnet that did the bank transactions, the same that removed the nations?

"Most successful new AA" - Samuel Bates

Link to comment
Share on other sites

3 minutes ago, James II said:

Is the IP address on BKnet that did the bank transactions, the same that removed the nations?

Ask Curu. I'm an outside contractor working pro bono. But then... do you trust Curufinwe? Like I said, if the proof is in our hands, you can always claim we falsified it or just plain lied about it.

Edited by Inst

.

Link to comment
Share on other sites

12 minutes ago, Inst said:

Ask Curu. I'm an outside contractor working pro bono. But then... do you trust Curufinwe? Like I said, if the proof is in our hands, you can always claim we falsified it or just plain lied about it.

screenshots of the IP would be sufficient.

"Most successful new AA" - Samuel Bates

Link to comment
Share on other sites

18 minutes ago, Yosodog said:

Well I'm just glad that my baby from 2015 is getting attention and I can make my first shitpost in years.

What better way to spend a Friday night than looking at logs. To be clear, I don't really give a shit about this game and you all know I have no love or super hatred towards BK so hopefully this post is fairly conclusive.

I still run BK's forums and BKNet was 90% created by myself. The entire banking aspect as created by myself but I have not maintained the application since early 2017. Tiber and George have maintained and added to the application since.

I can say with fairly certain confidence that George did in fact abuse BKNet to remove members from BK and had the help of an accomplice.

Of course the database password for BKNet is stored in an environment file and George had access to that password. The password was not changed after George left BK. There are only three people that I am aware of that have had access to and that is myself, Tiber, and George. This is how George obtained the database password. BKNet does have the ability to remove members from the alliance. Through an Internal Affairs module that managed the upgrade training of the applicants, George and his accomplice removed members from the alliance. George used phpMyAdmin (which, why the hell did I not remove that program?) to delete the logs that track these kinds of things. It is clear that while George's accomplice removed the members from the alliance, George cleaned up the logs in the database. Fortunately, Apache keeps logs of every request and yes, I really did look through them. You can clearly see the GET and POST requests to the specific endpoints in the Internal Affairs module of BKNet by his accomplice to remove the members and the specific endpoints of phpMyAdmin utilized by George to modify the database.

Why do I know this is George? Well, this is why I said "fairly certain confidence." The IP address involved in this attack matches the same location of all the IP address that George used to login to the BK forums. Additionally, the only way for someone to have access to the BKNet database is to have had access to the environment file, which out of myself, Tiber, and George, the only one with a motive here is George. As for his accomplice, all I know is he is from France and uses the OnePlus A6013.

So while I can't say for certain that George conducted this "attack," I would say it is fairly clear that he was involved.

Additionally, everything that BKNet does requires some sort of user input to initiate the action. If this was a script that went "rogue," then the script would've been initiated with an internal IP and it is clear that it was not. BKNet was not compromised; it did exactly what it was told. This was a failure of basic security and BK has learned the lesson the hard way.

So he didn't not, not do it.

  • Haha 2
Link to comment
Share on other sites

Except: https://law.justia.com/cases/federal/district-courts/virginia/vaedce/3:2016cv00853/353101/25/ (a civil case ruling that the action of a former employee remotely accessing the server is criminal).

 

I'll see what BK proper has to retort to this, if they choose to.

  • Upvote 2

.

Link to comment
Share on other sites

Just now, Shadowthrone said:

That's not what was written above. 

 

 

5 hours ago, Yosodog said:

he password was not changed after George left BK.

 

4 hours ago, Mad Max said:

is clear that while George's accomplice removed the members from the alliance, George cleaned up the logs in the database.

Did not kick anyone or "hack". Hypothetically in such a scenario all id have done was clean up after the person responsible, after the dmed me and told me wht they did when i inadvertently pulled up a PW doc on my pc when screen sharing . Of coarse thats hypothetical and i maintain innocence. 

 

 

 

 

0b3897cd640f95254329f7a2d45d8c77b1c120e.

 

Link to comment
Share on other sites

3 minutes ago, George said:

Did not kick anyone or "hack". Hypothetically in such a scenario all id have done was clean up after the person responsible, after the dmed me and told me wht they did when i inadvertently pulled up a PW doc on my pc when screen sharing . Of coarse thats hypothetical and i maintain innocence. 

 

"Hypothetical." I enjoy your bullshit George. But this thread is in essence your attempt to screw with BK more and nothing else. 

Edited by Shadowthrone
  • Upvote 2
Link to comment
Share on other sites

5 minutes ago, Shadowthrone said:

"Hypothetical." I enjoy your bullshit George. But this thread is in essence your attempt to screw with BK more and nothing else. I enjoy your completely partisan attempts at it though. There is no "real-talk" regarding bots, outside of your politicking over it. Go build your own banking software if you're that salty over being caught embezzling stuff and kicked out for screwing over a community that trusted you. 

I already have one? lolz

 

Im not about to give a shit about what the "lets kill alliances and force them out of the game so we can never have to worry again" squad. thinks or says

 

Kicked out is lolzy, i basically offered to leave and was planning my exit for over a month. Like gtfo out of here with you high and mighty bull, your a POS and nothing more. Id be more than happy to have you and Roq quit or get banned. 

 

Edited by George

0b3897cd640f95254329f7a2d45d8c77b1c120e.

 

Link to comment
Share on other sites

4 minutes ago, George said:

I already have one? lolz

 

Im not about to give a shit about what the "lets kill alliances and force them out of the game so we can never have to worry again" squad. thinks or says

 

Kicked out is lolzy, i basically offered to leave and was planning my exit for over a month. Like gtfo out of here with you high asnd mighty bull, your a POS and nothing more. Id be more than happy to have you and Roq quit or get banned. 

 

 

Pot calling kettle black. You literally tried killing those who called you their own for years, and gave you a community to work win. I look forward to ensuring you pay for your attempts to screw with BKNet after pretty much admitting you just did. 

And hey at least I don't have to resort to cheating or breaching third party softwares, to do what I have to do ICily. Guess you can't win a war or play the game without being a cheat. Enjoy. 

Edited by Shadowthrone
  • Like 2
  • Upvote 3
Link to comment
Share on other sites

Just now, Shadowthrone said:

 

Pot calling kettle black. You literally tried killing those who called you their own for years, and gave you a community to work win. I look forward to ensuring you pay for your attempts to screw with BKNet after pretty much admitting you just did. 

Alliances who want to force people out of the game shouldn't exist. I never admited to anything :P

 

Someday NPO will burn, i look foward to tht day

0b3897cd640f95254329f7a2d45d8c77b1c120e.

 

Link to comment
Share on other sites

3 minutes ago, George said:

Alliances who want to force people out of the game shouldn't exist. I never admited to anything :P

 

Someday NPO will burn, i look foward to tht day

I look forward to that day as well. Doubtful you'll be around to see it ;) 

By your conditions, Demacia should not exist. Since you just attempted to force BK out of the game, and mass-kicked their alliance via security breaches. Enjoy your high horse for a while longer. 

  • Like 1
  • Upvote 1
Link to comment
Share on other sites

Guest Elijah Mikaelson
13 hours ago, Teaspoon said:

So is that a yes, then? Hypothetically speaking, if I were to infect someone's computer with a virus that makes them delete their nation automatically the next time they log in, you will take no action because it appears to you that all actions taken were tacitly approved by the player, and I will not get in any trouble if there's no proof I did it?

I'm sure all the people in this thread cheering on what happened to BK would absolutely LOVE that. ?

No as no one gave you or the virus the log in details, LEO did give his log in details, why is this so hard for you to understand.

LEO approved the webapp, LEO gave his details to said APP how is this hard for you to understand? IF it was a virus I would be calling for gorge to be banned but it wasn't god damn

Link to comment
Share on other sites

11 minutes ago, Arathorn said:

Because just as if you worked as an opening manager for your local dollar store and was given a set of keys to be able to open up shop every morning, yes you were approved and authorized at that time while you were agreeing to work for them. Additionally, having those keys doesn't authorize you to go in any time you wish and take any and/or all items you wish. And had you resigned from that job and still had the keys because there wasn't a chance to return them yet, using those keys to get in is now quite obviously unauthorized, as the day you resigned you relinquish your employment and rights to access it. Even without the keys, if you discovered the door unlocked in the middle of the night, you'd still be charged with breaking & entering, because surprise surprise...the door being unlocked is not necessarily granting permission or authorization for you to go in.

Don’t bother. George admitted he did it with his hypothetical cop out above and EM is Still defending him. 

  • Like 2
  • Upvote 1
Link to comment
Share on other sites

Guest Elijah Mikaelson
29 minutes ago, Arathorn said:

Because just as if you worked as an opening manager for your local dollar store and was given a set of keys to be able to open up shop every morning, yes you were approved and authorized at that time while you were agreeing to work for them. Additionally, having those keys doesn't authorize you to go in any time you wish and take any and/or all items you wish. And had you resigned from that job and still had the keys because there wasn't a chance to return them yet, using those keys to get in is now quite obviously unauthorized, as the day you resigned you relinquish your employment and rights to access it. Even without the keys, if you discovered the door unlocked in the middle of the night, you'd still be charged with breaking & entering, because surprise surprise...the door being unlocked is not necessarily granting permission or authorization for you to go in.

having Keys do not authorise you to steal, I never said what gorge did was right or fair, I made the point and stand by it that he did not hack Leo's account, Now as someone who owes a store I can tell you this, IF I sacked someone and I did not take the keys from them at that appointed time I sacked them, I would have changed the locks as my insurance would been null and void by failing to do so. the the crime would not be as punishable as i failed to remove the keys from them as BK failed to change the pass codes.

Also if the store was unlocked and they entered and stole something it would be shoplifting a minor offence and trespassing at a push, it would not be breaking and entering as they did not break anything to get in, if the door was locked and they broke in that would be burglary and a real crime. 

You can twist this as much as you like but the fact remains, 1) gorge was in the wrong, 2) BK failed to remove him from BKnet, 3) Leo lied 

Would like to point out as well, Gorge had kept nothing therefore did not steal anything, and as proven by others gorge cleared the tracks of someone else in BK who kicked people, maybe you need to move on from this train of thought

18 minutes ago, Shadowthrone said:

Don’t bother. George admitted he did it with his hypothetical cop out above and EM is Still defending him. 

and your still a liar so what, I said all along what gorge did was wrong, but does not change the fact leo lied about being hacked

Edited by Elijah Mikaelson
Link to comment
Share on other sites

George, why wanna hurt bk so much? The forcing people out of the game as you call it started after your month long plan to leave, after you took 9 or 10bn (and gave it to oathbreaker bjorn cryside). Bk was fun with you in it! You werent being harassed, ignored or a low member who didnt get any info. so why? 

Is it really because of the permazi over the theft?

Link to comment
Share on other sites

11 hours ago, Yosodog said:

Well I'm just glad that my baby from 2015 is getting attention and I can make my first shitpost in years.

What better way to spend a Friday night than looking at logs. To be clear, I don't really give a shit about this game and you all know I have no love or super hatred towards BK so hopefully this post is fairly conclusive.

I still run BK's forums and BKNet was 90% created by myself. The entire banking aspect as created by myself but I have not maintained the application since early 2017. Tiber and George have maintained and added to the application since.

I can say with fairly certain confidence that George did in fact abuse BKNet to remove members from BK and had the help of an accomplice.

Of course the database password for BKNet is stored in an environment file and George had access to that password. The password was not changed after George left BK. There are only three people that I am aware of that have had access to and that is myself, Tiber, and George. This is how George obtained the database password. BKNet does have the ability to remove members from the alliance. Through an Internal Affairs module that managed the upgrade training of the applicants, George and his accomplice removed members from the alliance. George used phpMyAdmin (which, why the hell did I not remove that program?) to delete the logs that track these kinds of things. It is clear that while George's accomplice removed the members from the alliance, George cleaned up the logs in the database. Fortunately, Apache keeps logs of every request and yes, I really did look through them. You can clearly see the GET and POST requests to the specific endpoints in the Internal Affairs module of BKNet by his accomplice to remove the members and the specific endpoints of phpMyAdmin utilized by George to modify the database.

Why do I know this is George? Well, this is why I said "fairly certain confidence." The IP address involved in this attack matches the same location of all the IP address that George used to login to the BK forums. Additionally, the only way for someone to have access to the BKNet database is to have had access to the environment file, which out of myself, Tiber, and George, the only one with a motive here is George. As for his accomplice, all I know is he is from France and uses the OnePlus A6013.

So while I can't say for certain that George conducted this "attack," I would say it is fairly clear that he was involved.

Additionally, everything that BKNet does requires some sort of user input to initiate the action. If this was a script that went "rogue," then the script would've been initiated with an internal IP and it is clear that it was not. BKNet was not compromised; it did exactly what it was told. This was a failure of basic security and BK has learned the lesson the hard way.

Following this post, I'll note on behalf of t$ that we are reassessing the situation and will be in contact with BK shortly.

  • Upvote 3

 

os9LcJK.gif

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and the Guidelines of the game and community.