Blog: Sorry guys :(

Nomad
April 19th, 2013 20:17
Sorry about the downtime guys, someone had fun stealing user sessions using an exploit on the site, instead of just informing us so we could patch the site up. :(

The user succeeded in hijacking Nix0ns account, using his admin rights to post fake news, and rename users. These users have all been fixed, and all content touched, has been reverted to its previous state.

We want to stress that the database was never accessed, and no passwords were lost. The amount of user accounts affected is also limited.

We have done our best to make sure this does not happen again, but one little bug is sadly all it takes.

You might have noticed you have been automatically logged out after the downtime, that is a security measure so any login cookies hijacked will not work, we are of course annoyed that we had to logout everyone, but we could not run the risk of user and admin accounts being vulnerable.

However, HLTV.org is here to stay, and a little setback like this will only serve to make us stronger. I hope you will all accept our deepest apology, and forgive us. Security holes are never acceptable, so no excuses, we fucked up.
No problem :) hltv.org the best :)
2013-04-19 20:19
whats wrong with admin on cadred?
2013-04-27 16:26
#3
Portugal picc 
No problem.
2013-04-19 20:19
so that's why my nickname was qwe2226 and i had 3 posts i haven't made. he must know i'm famous, since my account was a target. infact, the target was me, not hltv
2013-04-19 20:19
Nice to see HLTV.org back! :)
2013-04-19 20:20
Fortunately no damage was made, thank goodness for backups!
2013-04-19 20:21
Would be nice to have a response from yourself - PM me.
2013-04-19 20:21
GG
2013-04-19 20:22
Was a pretty hard time :( I was bored so hard, I started learning Chinese during that down time and now I'm speaking it fluently.
2013-04-19 20:24
hahahaha
2013-04-19 20:42
LOOOOOOL.
2013-04-19 23:57
Genius !! LOL
2013-04-24 12:34
lol Thanks to the down time , a language genius detected.:D
2013-04-27 10:45
#12
India xb0y 
Track IP and lodge complaint? Attack was started from hltv.org/?pageid=14&userid=439664 this ID
2013-04-19 20:22
No use really..
2013-04-19 20:24
i've noticed that thread but i had no inspiration to troll that shit
2013-04-19 20:24
2013-04-19 21:16
The IP used to store the cookies was 86.185.109.71, which is a BT customer (UK).
2013-04-19 23:43
i hope he fucked up some dreamteams:D
2013-04-19 20:23
God, the past hours were a nightmare. Without HLTV i started to doubt the purpose behind my existence; there was nothing to do.
2013-04-19 20:24
LOL
2013-04-19 21:01
Top lel.
2013-04-20 05:32
+1
2013-04-20 11:01
The fact that people think it's acceptable to do things like this. *Sigh*
2013-04-19 20:30
anyway, i'm glad hltv is back before the matches tonight and i hope we wont have any other problems. FU hackers. oh, btw, i'm trying not to suspect them, but i think this is linked to that random site. ca dead ed
2013-04-19 20:32
*Face palm*
2013-04-20 00:01
#65
Romania tr$ 
Your own comments are suspicious as fuck.
2013-04-20 00:40
:D. i was a victim, my nickname was changed. i hope they can track the hacker and obama will do invasion in: 3 2 1 me and boston victims:<
2013-04-20 00:50
+1
2013-04-20 05:33
Was getting worried what with ESEA coming up, but swift correction of the problem, <3.
2013-04-19 20:32
NP.
2013-04-19 20:40
Np i just took some extra reps at the gym while u where gone :)
2013-04-19 20:46
Oh noes! damn kids.
2013-04-19 20:48
you should have started the blog with "sry, sry for insultes"
2013-04-19 20:48
haha yeah
2013-04-19 20:56
Lel!
2013-04-20 05:33
All cool :D I thought my life was over.
2013-04-19 20:49
Np guys,it was a rather quick maintance. We've seen match delays 3 times that,so:)
2013-04-19 20:57
I laughed my ass off when I saw the topic they created, posted at Facebook "NIGGERS AT CADRED" LMAO
2013-04-19 21:02
I have noticed an error with access this morning. Is it h4xx0r played?
2013-04-19 21:05
Stay strong HLTV!
2013-04-19 21:08
#43
 | 
China Specster 
What doesn't kill you make you stronger!
2013-04-19 21:19
The rather worrying thing is that i literally read your downtime message around 50 times in half an hour. lol! :)
2013-04-19 21:32
Haha, +1
2013-04-19 21:36
I know that feel bro :D
2013-04-19 23:44
+1
2013-04-20 05:34
ahah true
2013-04-20 05:42
There we were, now here we are. HLTV is inmune! :D
2013-04-19 21:39
Nevermind , gl hltv administration, you are the best :)
2013-04-19 21:59
Nomad rampage...multikill :D
2013-04-19 22:01
most website would not even bother to make a statement about this =) just keep up the good work ^^
2013-04-19 22:13
Some people just have too much free time...
2013-04-20 00:04
problem?
2013-04-20 07:21
;)
2013-04-20 16:26
It is surely not mine as you yourself know.
2013-04-20 23:43
You're admin on a CS website. Are you sure aout who has too much free time?
2013-04-21 00:55
So you apparently can't do more than one thing at the same time?
2013-04-21 01:08
What doesn't kill you makes you stronger :)
2013-04-20 00:06
same exploit that was posted here couple days ago ?
2013-04-20 00:08
<3 HLTV.org
2013-04-20 00:27
How did he manage to store user sessions in the first place?
2013-04-20 00:46
u wanna know to much. they save our passwords and someone cracked the script. don't user the pass on hltv on other sites/email/paypal.
2013-04-20 00:51
No, the password was not "cracked", all passwords are hashed (en.wikipedia.org/wiki/Hash_function), and in the database which was not accessed.
2013-04-20 02:40
i was joking/trolling. i've noticed that my pass is the same. only the username got changed.
2013-04-20 02:44
Esea dreamteam gone?
2013-04-20 04:26
It is right there as far as I can see.
2013-04-20 04:55
hahahahahaha oh :D.
2013-04-20 07:22
It's OK.
2013-04-20 10:08
Shit happens :) I had revealing couple of hours while hltv was down, thinking about the meaning of life and crap like that, but then everything got fixed ;)
2013-04-21 04:39
pffffewww just in time XD
2013-04-21 14:43
2013-04-21 09:23
uh oh...
2013-04-21 11:14
#95
 | 
Netherlands liQuidmoTion 
shif happens :P
2013-04-21 11:35
stop stealing my lines :P #89
2013-04-21 14:49
shit happens :D
2013-04-21 18:35
#101
 | 
Netherlands liQuidmoTion 
lol didn't read comments above ^_^ sorry youtube.com/watch?v=30GD25un0XQ
2013-04-21 21:47
Okay:)
2013-04-26 15:44
Rip hltv
2016-06-20 10:54
Login or register to add your comment to the discussion.