warken Report post Posted December 21, 2006 Theres a Scam out there that sends you an email titled Password Fraud! here is the email in full Eternal Lands Password support team! Hello, we are writing you to inform that somone has tryed to change your password! We want to request you to confirm or disconfirm this action within 24h! Please click -> Here <- and show us your desition! Thanks. Eternal Lands support www.eternal-lands.com Please ignore this email if you will get it. Eternal-lands would never tell you if someone was trying to change your password. They also sent this Phishy website http://articlever.com/stw/Sp/www.eternal-lands.com/ Share this post Link to post Share on other sites
Ulrih Report post Posted December 21, 2006 Hello, we are writing you to inform that somone has tryed to change your password! We want to request you to confirm or disconfirm this action within 24h! (...) Please click -> Here <- and show us your desition! Even in Eternal Lands there are no such typos. How about someone give them the password and the mods could watch who's loging onto it. Share this post Link to post Share on other sites
warken Report post Posted December 21, 2006 im already engineering myself into there site. ^^ Share this post Link to post Share on other sites
Cycloonx Report post Posted December 21, 2006 (edited) Eternal Lands Password support team! Edited December 21, 2006 by Cycloonx Share this post Link to post Share on other sites
sirdan Report post Posted December 21, 2006 Eternal Lands staff/mods/devs whatever will NEVER ask for you password Share this post Link to post Share on other sites
warken Report post Posted December 21, 2006 because they already have it ^^ Share this post Link to post Share on other sites
SCIPIOGOD2 Report post Posted December 21, 2006 because they already have it ^^ Share this post Link to post Share on other sites
Stardark Report post Posted December 21, 2006 whaah, i need to do a suicide, some1 knows my pass , the mods! Ah the mods, ok, i dont suicide than, phiew Share this post Link to post Share on other sites
maximos Report post Posted December 21, 2006 mods dont know passes.. i believe i mean with molime knowing my password who knows what might happen Share this post Link to post Share on other sites
warken Report post Posted December 21, 2006 yea mods dont know passes they dont need to know them. Only Entropy has access to the password file, i believe. Share this post Link to post Share on other sites
The_Piper Report post Posted December 21, 2006 mods dont know passes.. i believe i mean with molime knowing my password who knows what might happen You will turn into a fish sandwich instantly. And, right, mods dont know your passwords, they dont need to know them, why should they? Piper Share this post Link to post Share on other sites
Learner Report post Posted December 21, 2006 yea mods dont know passes they dont need to know them. Only Entropy has access to the password file, i believe. Entropy & I have access to the passwords, but that is because we are full server admins, not mods. Mods do not have access to your passwords. Share this post Link to post Share on other sites
dejan Report post Posted December 21, 2006 (edited) EL team would ask You to vote for EL on MMORPG websites x times per day, but they will NEVER ask for Your password (probably because it is stored in plain-text format in some database). (JK!) Edited December 21, 2006 by Dejan Share this post Link to post Share on other sites
Ghrae Report post Posted December 21, 2006 The whole idea of mods having passwords is ridiculous. What would we do with them? Help you get unstuck? If we did it for you, you'd never know how to do it yourself and would just keep asking us to do it. Sorry, we have enough work to do without playing everyone's characters as well. Share this post Link to post Share on other sites
wexy Report post Posted December 21, 2006 (edited) What I found out so far: ftp/ssh username is (prolly): articlev FTP server is Pure-FTPd, can't see version. http://articlever.com/index.php?page=/home...ands.com/login2 http://articlever.com/index.php?page=XXX lets you include any file on website with .php extension (this would open XXX.php in main directory). The above example opens the login2.php which processes the user/pass for EL thingie. Whoever made such stupid bug that allows opening files site wide must have had made another one that will let me see the file without PHP parsing it and seeing the email where data is sent . *If you don't want this post/info here mods delete plx, I just want to help to find out who's behind this.* Edited December 21, 2006 by wexy Share this post Link to post Share on other sites
Entropy Report post Posted December 21, 2006 Wow, cool, must mean we important now. It was always annoying to see that only ebay, paypal and various banks were targeted BTW, if anyone enters their username and password and get hacked, we will not restore their accounts (or if we do so, it will be for a fee). Share this post Link to post Share on other sites
Gohan Report post Posted December 21, 2006 Wow, cool, must mean we important now. It was always annoying to see that only ebay, paypal and various banks were targeted BTW, if anyone enters their username and password and get hacked, we will not restore their accounts (or if we do so, it will be for a fee). Maybe its just: Start low, end big? Don't exclude that option. (Don't get me wrong, EL is important to me! ) -Blee Share this post Link to post Share on other sites
Cycloonx Report post Posted December 21, 2006 Wow, cool, must mean we important now. It was always annoying to see that only ebay, paypal and various banks were targeted BTW, if anyone enters their username and password and get hacked, we will not restore their accounts (or if we do so, it will be for a fee). You are proud a little kid is trying to scam passwords? Share this post Link to post Share on other sites
redsoxlovr10 Report post Posted December 21, 2006 (edited) Wow thats good, ima gona check me email right now, and yeah, ent or learner if u ever get the time, look at my pass and wonder how i ever memorized it =) (Edit: Hmmm yeah i checked my email, nothing, maybe its only sent out to those who don't have their email adress hiden on forums.) Edited December 21, 2006 by redsoxlovr10 Share this post Link to post Share on other sites
Robb Report post Posted December 22, 2006 Got one of these myself, wonder where they got the email addresses from, the forum? Share this post Link to post Share on other sites
redsoxlovr10 Report post Posted December 22, 2006 Got one of these myself, wonder where they got the email addresses from, the forum? Well yeah i can't imagine that they got your email just by accident... I'm sure that they r just looking at everybody's accounts on EL forums to check if it shows their email or not... guy sounds kinda newbie doing something like this and not expecting to get caught, wouldnt be surprised if they sent one to one of the Admins lol Share this post Link to post Share on other sites
Entropy Report post Posted December 22, 2006 Got one of these myself, wonder where they got the email addresses from, the forum? Normally, this should not be possible, unless if there is some IPB exploit we are unaware of. Please forward me that e-mail at chaos_rift at yahoo, and make sure to incluse the headers and everything. It is also possible that maybe you posted your e-mail in some guild forum or something? Share this post Link to post Share on other sites
vytukas Report post Posted December 22, 2006 LOL @ this phishing attempt, they ask for password in clear text Share this post Link to post Share on other sites
warken Report post Posted December 22, 2006 well i visited this site and my guild site, an the email came in after that. So either this site has someone lookin on it or mysite does ^^ I'll check into it as well. Share this post Link to post Share on other sites
Entropy Report post Posted December 22, 2006 Ok, we got the IP (88.119.6.235, from Lithuania) of the scammer and banned his entire B class. Unfortunately there were no previous players logging from that IP. Share this post Link to post Share on other sites