Thread: Widget was hacked... Proof enclosed.

  1. #31
    so, does this mean he stole donations? What, exactly, does this mean?



  3. #32
    Quote Originally Posted by fortilite View Post
    It didn't work probably, successfully injected code wouldn't be visible there.
    Yes I agree, this one was an unsuccessful attempt. That does not mean however that it was their last one. If anything it was a test, and they modified the code shortly afterward or had a bot testing dozens of attempts at the same time.



  5. #33

  6. #34
    Think a gambling site tried to crash it before it showed 6 million? Because the widget did crash right before the end.

  7. #35
    we will have to be on guard for this in the future :/

    a violent minority :/

  8. #36
    You can't inject a SQL "attack" from the donation page, completely false. More so, you couldn't inject a SQL "attack" via a Flash widget. I've worked as a database administrator 2 out of my short 21 years on this Earth :P

    Less panic more celebration!!!

  9. #37
    Quote Originally Posted by boondoggle View Post
    I called campaign. They're aware. Just a technical issue.

    That would have been uber scary, though.
    Good....that would be horrible if they stole CC

  10. #38
    Most likely there was a problem with a polling response, which came back incomplete.

    I'm not worried. Just a technical issue.

  11. #39
    probably an internal server error but def needs to be checked.
    I don't think anyone is dumb enough to do an injection hack on the most trafficked widget on the net
    No more Mr. Bad guy

  12. #40
    Quote Originally Posted by me3 View Post
    Don't make people paranoid until we know for sure what the deal is. That's like yelling fire in a theater.
    I know, but the question that was asked is what "could" it do. That is sadly the truth... injection attacks can compromise servers, MANY e-businesses learned this the hard way.



  14. #41
    Generally speaking RP has some of the best Tech people around. There is no way in hell they'd leave a hole for a SQL injection attack. That's just amateur $#@!.

    Don't worry people, computers (and users) under stress can do weird things. I've seen it all before, they can usually be explained and they're usually harmless.

  15. #42
    I don't know one way or the other but I'm tempted to think it was just a technical error caused by the site getting slammed. RPforums got battered, RP2008 got battered, the widget got battered, etc. As long as there wasn't a security breach it doesn't matter anyway since the numbers will still come out correctly after it's totaled up.
    "Let it not be said that we did nothing."-Ron Paul

    "We have set them on the hobby-horse of an idea about the absorption of individuality by the symbolic unit of COLLECTIVISM. They have never yet and they never will have the sense to reflect that this hobby-horse is a manifest violation of the most important law of nature, which has established from the very creation of the world one unit unlike another and precisely for the purpose of instituting individuality."- A Quote From Some Old Book

  16. #43
    Quote Originally Posted by yongrel View Post
    holy $#@!!

    There are hackers who don't support Ron Paul?!
    hopefully the ones supporting RP aren't hacking at all, it's the ones against him and freedom, they already got some of his top videos booted off youtube

  17. #44
    Seems to me there were some folks who had a HUGE incentive for the counter not to reach 6 million on 12/16 Eastern time. There's a possible motive. This needs to be nailed if possible since big bucks are in play.

  18. #45
    //
    Last edited by specsaregood; 04-10-2012 at 06:08 AM.

  19. #46
    I saw the numbers go down by 40 or 50K twice. My mom had to try three times to contribute late in the evening. I suspect a lot of contributions were lost. The rate fell during the last hour when the server kept getting clogged or clobbered.

  20. #47
    I seriously doubt a hacker could inject false code to cause the widget/server to crash. Considering the amount of money on hand and how important the website is to the campaign, considerable safeguards would have been taken to ensure a user could not inject code into the donation fields. Not to mention preventing such attacks is relatively easy.

    The site crashed because of over use not some hacker.

  21. #48
    Quote Originally Posted by Laserbeast View Post
    You can't inject a SQL "attack" from the donation page, completely false. More so, you couldn't inject a SQL "attack" via a Flash widget. I've worked as a database administrator 2 out of my short 21 years on this Earth :P

    Less panic more celebration!!!
    I know you can't SQL inject a flash app like that, but you could possibly inject a negative value into the database for the widget.

    Think about it, doesn't the submission page use an AJAX method for transferring variables? I think you should be able to inject into that if you were extremely lucky/clever.



  23. #49
    yeah I had just donated again, and when I came back to the home page the total had changed from 17980000 to 17920000. Then I waited for my name to be displayed on the home screen, and noticed that after a few refreshes of the total the widget stayed at 17,920,000. I thought to myself, "Why aren't people donating?" Has time run out already? Then I looked at my clock and it was about 11:53pm.

    Something did happen, just not sure what.

    I suspect that the gambling websites or one of the people that placed a bet against us reaching $6million was/is trying to mess with the final total.

  24. #50
    Quote Originally Posted by specsaregood View Post
    I find it highly UNLIKELY that the flash object is going to accept input characters and be tied to the actual donor database, where this would be a risk. If the programmer allowed that, they should be fired.

    More likely: The character separator they use for the "latest donors" input string was screwed up. ie: somebody submitted a name that had the same character as they use to separate the data.

    SQL injection works when you allow user data to be submitted and executed in some way. The flash widget does not take data. It pushes out data.

    If anything, it would have been a sql injection attack via the submission form, not the widget.
    The flash widget is the endpoint. The actual injection would be on the SSL server end and the donation page and the language used to parse it. The widget would just catch the remnants of the statements, as it is simply sent a character string to parse to add to the "recent donors".

  25. #51
    The flash widget parses a read only text feed on a campaign server. It was likely a parsing error on the widget. Could also be feed acting quirky under load.

  26. #52
    Relax folks, it looks like the flash widget just didn't properly parse a server response:

    This is the URL that the widget grabs every 30 seconds;

    http://www.ronpaul2008.com/webservic...=1197868877026

    This is a typical response to that request (click it yourself to see)

    Code:
    current_quarter_donor_count=118611&current_week_new_donor_count=25160&current_quarter_online_sum=15808292.28&current_quarter_online_count=166607&current_week_online_sum=6030458.44&current_week_online_count=58864&today_online_sum=1625233.11&today_online_count=19200&recent_donors=Christopher%7CPeppas%7CRiverside%7CCA%5EKyle%7CBrown%7CValencia%7CCA%5ETaiyo%7CNakata%7CSanta+Cruz%7CCA%5EFrancis%7CBeaulieu%7CGermantown%7CTN%5EManuel%7CCanizares%7CSanta+Monica%7CCA%5EMark%7CUnis%7CLacona%7CNY%5EEric%7CBenavides%7CAllen%7CTX%5EAndrew%7CFelt%7CSun+Prairie%7CWI%5ESpencer%7CFogleman%7CLake+Elsinore%7CCA%5EAmelia%7CCrabtree%7CWheaton%7CIL%5EBill%7CCotton%7CBend%7COR%5ERobert%7CLange%7CPhiladelphia%7CPA%5EGary%7CHunt%7CBrigham+City%7CUT%5EJennifer%7CSchulz%7CLincolnton%7CNC%5EAlexander%7CLaubin%7CSleepy+Hollow%7CNY%5EC+Stedman%7CGarber%7CPhiladelphia%7CPA%5EStephen%7CCooney%7CWoodstock%7CGA%5EKathryn%7CBolton%7CTraverse+City%7CMI%5ECourtney%7CAllen%7CKent%7CWA%5ECalvin%7CMccaskill%7CCorcoran%7CMN&time=1197868962&current_quarter_offline_sum=2143116.46&current_quarter_offline_count=34613&current_week_offline_sum=168082.28&current_week_offline_count=2352
    It's possible that someone jammed something into the address field that caused the widget to go bonkers, but it seems more likely that it was just a bug.
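    To make the parsing-failure theory concrete, here is an added example (my own code, not the campaign's widget or server) that parses a response in the format quoted above: `&`-separated keys, with `recent_donors` holding `^`-separated records of `|`-separated fields. The sample feed is constructed, and its third record deliberately carries a `^` inside the city field so the delimiter-collision case the thread suspects is handled by rejecting the bad record instead of corrupting the display.

    ```python
    from decimal import Decimal, InvalidOperation
    from urllib.parse import parse_qs

    # Constructed sample modelled on the feed quoted in the post above; the
    # third donor record carries a '^' inside the city field. Values are made up.
    SAMPLE_FEED = (
        "current_week_online_sum=6030458.44&current_week_online_count=58864"
        "&recent_donors=Christopher%7CPeppas%7CRiverside%7CCA"
        "%5EKyle%7CBrown%7CValencia%7CCA"
        "%5EJane%7CDoe%7CSan%5EJose%7CCA"
        "&time=1197868962"
    )

    RECORD_SEP = "^"   # separates donor records
    FIELD_SEP = "|"    # separates first, last, city, state
    DONOR_FIELDS = 4


    def parse_feed(raw):
        """Parse one polling response into (totals, donors, rejected_records).

        Numeric keys that fail to parse are dropped rather than shown as 0, so a
        truncated response under load cannot make the displayed total fall.
        Donor records with the wrong field count are quarantined, not displayed.
        """
        # parse_qs percent-decodes values, so %7C -> '|' and %5E -> '^' here.
        params = parse_qs(raw, keep_blank_values=True)
        totals = {}
        for key, values in params.items():
            if key.endswith(("_sum", "_count")) or key == "time":
                try:
                    totals[key] = Decimal(values[0])
                except InvalidOperation:
                    pass  # malformed number: keep the previous on-screen value
        donors, rejected = [], []
        recent = params.get("recent_donors", [""])[0]
        for record in filter(None, recent.split(RECORD_SEP)):
            fields = record.split(FIELD_SEP)
            if len(fields) != DONOR_FIELDS:
                rejected.append(record)  # delimiter collision or truncation
                continue
            first, last, city, state = fields
            donors.append({"first": first, "last": last,
                           "city": city, "state": state})
        return totals, donors, rejected
    ```

    A widget that logs `rejected` instead of dying on it would have shown the symptom (a name split across two broken records) rather than freezing the total.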

  27. #53

    Injection Attack

    Quote Originally Posted by Paulitician View Post
    It could have been hackers or it could have just been buggy. Who knows.
    It could be a crackhead that got hold of the wrong stuff.

  28. #54
    A hacker cannot get the CCs unless it's an inside job. Since the campaign doesn't re-authorize the credit card, or re-bill it like a subscription, then they probably shouldn't even be storing the credit card number. They should only be keeping the authorization code, and if they need the number, then they contact their processor with the auth code and get the number.

    If they are storing the credit cards numbers for no good reason, the card numbers would have to be encrypted. It's mandatory and if you fail a processor audit where this is concerned, your processor stops accepting your transactions. So a hacker would have to get the encrypted CCs as well as the encryption key. The key is likely stored in a non-web accessible back-end system, and is read by middleware before the insertion takes place.

    Credit card numbers are well secured, or no CC processors will do business with you.
    Home is where my brothers lie. I stop and kneel at Arlington. You can go around if you like.

  29. #55
    Quote Originally Posted by EvilEngineer View Post
    I know, but the question that was asked is what "could" it do. That is sadly the truth... injection attacks can compromise servers, MANY e-businesses learned this the hard way.
    They can compromise them, but not cause them to crash. No injection could ever cause the site to go offline the way it did. If injection did cause the site to crash we would be getting php or asp errors (I don't know what the site is built on), not "cannot connect to the server" errors.

  30. #56
    so, did Ron reach $18 million tonight, or not? Is the current total accurate, or is the former total accurate?

    Everyone's yammering on and on about what happened, but few questions are being answered here....



  32. #57
    Quote Originally Posted by Scaryclouds View Post
    I seriously doubt a hacker could inject false code to cause the widget/server to crash. Considering the amount of money on hand and how important the website is to the campaign, considerable safeguards would have been taken to ensure a user could not inject code into the donation fields. Not to mention preventing such attacks is relatively easy.

    The site crashed because of over use not some hacker.
    Sounds like some very optimistic assumptions.

    I don't think it's at all surprising that someone would have been trying to compromise - or even did compromise - the servers.

    There is a LOT of anti-Ron Paul hatred out there on the internet, from a number of sides, to say nothing of vested interests.

    And the paulpledge.com operators were on Grassroots Central earlier this afternoon reporting that their site had been brought down by a botnet DDOS attack originating from Asia.

  33. #58
    Quote Originally Posted by Laserbeast View Post
    You can't inject a SQL "attack" from the donation page, completely false. More so, you couldn't inject a SQL "attack" via a Flash widget. I've worked as a database administrator 2 out of my short 21 years on this Earth :P

    Less panic more celebration!!!
    7 year computer programmer here. ANYWHERE where you submit data in an application has the potential for a SQL injection if you DON'T code against it. You as a Database Admin might also have some power over stopping this, but ultimately it is a proactive solution on either end. YOU may protect your databases from attack, but that does not equate to automatic protection.

    That being said, from the snippet shown, I would imagine the scenario already mentioned where the parse character was included in the State field on the submission form was the actual cause.
    Want to help Dr. Paul's campaign? Canvass! Learn how at http://www.ronpaulreveres.com/
    Want to coordinate your canvassing? Become a Precinct Leader! http://voters.ronpaul2008.com/grassroots/
    Rough Draft: Final Notice of Fiscal Burden
    http://www.ronpaulforums.com/showthread.php?t=92802
    JPEG Graphic of Final Notice of Fiscal Burden http://www.ronpaulforums.com/showthread.php?t=96659

  34. #59
    Even if there was a successful SQL injection attack, which I doubt, I'm sure the database is encrypted so any data gained would be worthless.

    Your credit card info is safe : )

  35. #60
    Downgrading to GeekCON 2
    No more Mr. Bad guy
