As of about 5 AM the shittening happened again. Sorry to anyone who got hit with the same dumbass redirect. I’ve reverted to the WordPress default theme just in case the issue was the theme I was using before allowing SQL injection…
Here’s what I know so far…
The whole attack seems to be straight outa China.
When it happens, I’ve seen something basically start hammering on MySQL (tons of login failures are produced), which is only open to localhost, so I feel like something is kinda being exploited in a roundabout manner to brute-force a password and get in. I’ve changed the passwords to stuff that looks like line noise for now.
No idea what it is but I’ve hidden the old Gallery install for now in case that’s the point of entry.
I’ll be doing the good ol’ nuke and pave soon then reimporting all the content. For now, knock on wood, maybe this will just stay up and uninfected for a couple days until I can get around to that.
Maybe the domain name in use for the JavaShit script – getmyconfigplease -dot- com – is a silly clue, like they’re somehow getting hold of the WordPress config file for this attack? I mean, if that’s obtained by an attacker, they’ve got the database credentials handed to them on a silver platter. If that were the case though I wouldn’t expect to be seeing tons of login failures, just a quick and easy in, spam, and out.
I fucking hate computers 😀
…. When you walk into the studio at like 11 PM, NOBODY else is there, and you’re carrying a huge armload of tools… you walk past a studio door where a long quiet outro of a song has been playing out and suddenly THIS COMES BLASTING OUT
….. in other news I now know exactly which sockets are missing from the socket set and just how far down the hallway they can roll when I FREAK OUT AND THROW EVERYTHING TO THE FLOOR IN SURPRISE WTF
I’ve never been to The Beadman. It sounds like a pretty neat store honestly, but damn if THAT part of their radio ad sounds like nothing else reasonable in this known freaking universe
Uh yeah, sufficient levels of fnord are present. I wonder what the instruction manual looks like?
Speaking of things that have leggy frames, Linguini Mountain is evolving into its final form.
And here’s a thing that’s also afraid of wet…. an aluminum field flange…. also scheduled for replacement. I’m really hoping the innards of that combiner contain none of that folderol. My boss told me that the aluminum fittings are common in the cellular industry, where it works fine because they don’t mix aluminum and brass. If only we were so lucky. Fnord.