top of page

Kahldal's Interview w/ Ayden

Writer's picture: Confic MagazineConfic Magazine

Updated: Oct 1, 2022

News & Opinion, Media & Tech

by DrKaldahl





 

Note: To protect the security of certain SCP Staff, details of hacking have been slightly simplified.


Wikidot has served as the primary vector for Containment Fiction for over fifteen years now, ever since the SCP Wiki first crawled out of the primordial soup of the forum era. From SCP and Backrooms, to their respective spinoffs at RPC and LA, to the myriad cheap imitations of the aforementioned sites, Wikidot has been through a lot. Nonetheless, it’s held up. Things have seriously escalated in the last few months, however.


First, on May 19, a hack that Wikidot has claimed originated in the Russian Federation took down the platform entirely. According to SCP Staff’s monthly news post for June 2022, the incident was not government-sponsored, but merely the work of a single entity.


Later, on June 17th, SCP Wiki’s home page was edited to contain promotion for a Discord-based hacker, who had gained access to Site Admin ManyMeats’ account. Then, in July, A Discord user by the name “Ayden” (tag removed to avoid promotion) agreed to an exclusive interview with Confic Magazine. This user provided concrete proof of their responsibility for the June 17th main page incident.


According to Ayden, a search of previously leaked databases revealed ManyMeats’ email, and a previous hack revealed codes that could be used to acquire passwords linked to that email.


“Around 6 months ago, I was on my PC, very bored, so I started looking for scary stories. I found SCP, decided, ‘oh, that looks cool’, went to their website, realized they had a visible admin page, tried a few logins, and luckily enough got ManyMeats. I found his email in a dump from many years ago, and made a program that allows me to dehash passwords if they've already been solved.” Ayden said.


"A way it could have been stopped is with two-factor authentication,” Ayden said. “Wikidot does not offer it. Which means, if I had your password right now, everything you have access to [edit] could be gone in a matter of minutes. The whole thing could have been so much worse- I had the ability to delete [the entire SCP Wiki], but decided not to, as it’s been around for a very long time. Two-factor authentication [would mean] even if they have your password, you might have to receive a text from your phone with a code to log in, or from your email, or from an app on your phone. Without two-factor authentication, any site that is hosted by Wikidot can be taken down.”


Ayden also pointed out that while Wikidot was partly responsible, ManyMeats also selected a poor password. However, he also debunked the claim that said password was “SCP.ADMIN.02”.


“You could have the most secure system in the world, but humans will always be the weak point. I think had ManyMeats done the slightest to protect his information, none of this would've been possible.” Ayden said. “His password was a variation of a common one he used.”


Ayden claims the entire hack was enabled by Wikidot’s failure to offer Two-factor Authentication. Due to this weakness, Ayden says the entire wiki could’ve been destroyed by a more hostile actor.




186 views2 comments

Recent Posts

See All

2 Kommentare


Lack of Lepers
Lack of Lepers
28. Dez. 2022

Pretty pissed at this Ayden person actually. They caused the deletion of the SCP Wiki's front page that had existed since its creation in 2008, which includes all of its edit history. This is an absolute mountain of historical data that can't be accessed any other way now, and is completely, forever lost. The discussion is partially preserved in Wayback, but not the details of the edit history. Not as bad as it could have been, surely, but a huge loss for some of us.


Plus, the regressive generation of memelord authors now decorate the new front page's comment section with middle-school gibberish and self-promotions, something that really typifies how shitty the Wiki has gotten.

Gefällt mir

curvytuna
curvytuna
27. Sept. 2022

I still can't believe someone actually did this and that when they did, it wasn't an enormous catastrophe.

Gefällt mir
Post: Blog2 Post

© 2023 Confic Magazine

bottom of page