Grawp has his way with SlimVirgin, (or at least her page about Poetlister) Options

[Castle Rock]

Speaking of Grawp, he and his buds really hammered Werdna's wiki tonight.

They've pretty-much trashed the place It's like leaving your back door open when you're away and having a troupe of howler monkeys come visit.

Basically, he's de-sysopped everyone, gained global steward rights, checkusered everyone (got my IP address, dammit. Ah well, here's another) and has free rein of the place. Werdna's going to have to shell in, lock the db and do a restore.

It looks like Werdna had a separate wiki attached to it and had left default accounts wide-open allowing steward access to anyone. Grawp logs in and pwns it. Simultaneously impressive and a frickin' nuisance. I'd just cleaned up the earlier mess - ah, well

Hey Castle Rock, how was it for you?

(User rights log); 04:12 . . Castle Rock (Talk | contribs) changed group membership for User:Alison from abusefilter and Sysops to (none) (You're not the boss of me now)

While mild lulz, what's "epic" about taking over a completely unprotected wiki?

It's like all the gripes people put on wikipedia about "omg someone haked ur sight, they edited an article!"

Because it was the Wiki dedicated to pioneering anti-Grawp systems.

[The Joy]

I hate to ask this, but has Wikia fallen to Grawp or do their devs actually have a strong defense system?

[Alison]

Speaking of Grawp, he and his buds really hammered Werdna's wiki tonight.

They've pretty-much trashed the place It's like leaving your back door open when you're away and having a troupe of howler monkeys come visit.

Basically, he's de-sysopped everyone, gained global steward rights, checkusered everyone (got my IP address, dammit. Ah well, here's another) and has free rein of the place. Werdna's going to have to shell in, lock the db and do a restore.

It looks like Werdna had a separate wiki attached to it and had left default accounts wide-open allowing steward access to anyone. Grawp logs in and pwns it. Simultaneously impressive and a frickin' nuisance. I'd just cleaned up the earlier mess - ah, well

Hey Castle Rock, how was it for you?

(User rights log); 04:12 . . Castle Rock (Talk | contribs) changed group membership for User:Alison from abusefilter and Sysops to (none) (You're not the boss of me now)

Dammit - pwnt Alison de-sysop'd by Lateral. I'm guessing that will be all over ED by the morning.

While mild lulz, what's "epic" about taking over a completely unprotected wiki?

It's like all the gripes people put on wikipedia about "omg someone haked ur sight, they edited an article!"

Because it was the Wiki dedicated to pioneering anti-Grawp systems.

Thing is, it's just a scratch wiki. Lather - rinse - repeat. It's not like any damage to anything has been done. If Werdna configs things properly next time, it should be reasonably secure, etc. Then, visits from Grawp, etc would actually be to his advantage, honeypot-style. I think the problem was that Werdna installed the two wikis out of the box, linked them but never locked one of them down.

[Werdna648]

Thing is, it's just a scratch wiki. Lather - rinse - repeat. It's not like any damage to anything has been done. If Werdna configs things properly next time, it should be reasonably secure, etc. Then, visits from Grawp, etc would actually be to his advantage, honeypot-style. I think the problem was that Werdna installed the two wikis out of the box, linked them but never locked one of them down.

Just a pesky combination of a MediaWiki bug amplified by PHP sucking, and a minor misconfiguration on my end, meaning that one of my wikis had Special:Userrights available to everyone. Oops. I've cleaned it all up, though. Only damage was on a 1-year-old wiki that I don't care about, and a 1-month-old wiki that I also don't care about. There were plenty of good things that he should really have done instead on the two private wikis there.

[Alison]

Thing is, it's just a scratch wiki. Lather - rinse - repeat. It's not like any damage to anything has been done. If Werdna configs things properly next time, it should be reasonably secure, etc. Then, visits from Grawp, etc would actually be to his advantage, honeypot-style. I think the problem was that Werdna installed the two wikis out of the box, linked them but never locked one of them down.

Just a pesky combination of a MediaWiki bug amplified by PHP sucking, and a minor misconfiguration on my end, meaning that one of my wikis had Special:Userrights available to everyone. Oops. I've cleaned it all up, though. Only damage was on a 1-year-old wiki that I don't care about, and a 1-month-old wiki that I also don't care about. There were plenty of good things that he should really have done instead on the two private wikis there.

Shush now! Don't give him ideas.

I suggest also that you switch off anon editing for now and enable authenticated account creation only.

Lather. Rinse. Repeat.

[Milton Roe]

I suggest also that you switch off anon editing for now and enable authenticated account creation only.

Lather. Rinse. Repeat.

Say, and that might work for Wikipedia, too!

Flash moment of stark insight.

[Anonymous editor]

pretty pathetic. ByAppointmentTo and Grawp. Congrats, you hacked a wiki that no one cares about. Go blow each other to celebrate. These beings are wasting oxygen.