Explantion of the events that took place:A few weeks ago, me and a couple of

1. Explantion of the events that took place:
2.  
3. A few weeks ago, me and a couple of other people were talking in a teamspeak server. Atonement got brought up
4. and a user was talking about how they missed their dead character. I wound up mentioning that I used to code
5. for atonement and that I might still have shell access to the server. I checked and sure enough I was able
6. to log into the server. After a round of egging each other on, I wound up setting the creation state of the character
7. from dead(4) to alive(2), I also changed some information about the character, giving them a ghostly appearance
8. and modifying their equipment file to contain cat ears, a 'neko' backpack, and a standard dress I nabbed from a
9. different equipment file. Shortly after the account was activated and logged in to, an admin by the name of Viking
10. noticed the character they knew to be dead. It was played off as a bug and the character was disabled.
11.  
12. A little later into the evening, or perhaps the day after, we got together again and I was talking about an old
13. item I had created when I was playing around on the build server, it was capable of establishing a link in the form
14. of a portal between the location it was used from and a seperate room. Essentially creating a "closet-in-the-box".
15. One thing led to another and I wound up creating an instance of it inside the player file of the user's active
16. character, Shunt, a dark-red-haired, high-cheekboned male. I also modified his player stats so he had 30 education,
17. the stat required to at least effectively use the item he had. We played around with it and spooked a couple of
18. characters. Shortly afterwards, the same admin caught on and we lost the item.
19.  
20. Between these two events I created and uploaded a PHP file called flashload onto the atonement server, with the initial
21. function of giving us the ability to upload modified player files to the server, and to use a shell command to delete the
22. existing player file. I also uploaded a generic PHP shell I grabbed online, only because I didn't want to commit enough to
23. write excessive shell functionality for the flashload file. I also established a user in webmin called pastmud because I
24. got fed up messing with the PHP files and just decided to create a user that mimicked the legitimate server user "futuremud".
25.  
26. At this point, things calmed down for a little bit. We had had our fun, spooked a couple of characters, and played off
27. the destruction of lost alien technology.
28.  
29. Then one night early into august, me and the person who did not have their character revived (I mentioned that there was
30. a couple of people in the other teamspeak) were in a more populated teamspeak server. We were talking about the mischief we
31. got up to a few weeks prior. The person registered an account and I changed their character's state from pending(1) to
32. alive(2), occassionaly modifying the character record further because we had bypassed the character generation process, as
33. at one point they were three inches tall and didn't know how to speak common. I modified his equipment file to match my last
34. character's and loaded him up with another of those cubes I had made. He went in game, dropped the cube for someone else to find,
35. and went off to do someother stuff. All the while we're talking to others about what we had done last time. After a bit of egging
36. on, I wound up selecting every character in the database and setting their create state to alive(2). After I connected to the
37. server and verified what had happened we started to attract more attention, after some pressuring, I released the credentials for
38. JDK and pastmud to connect to Webmin to the channel, and some people went off to fool around as they would.
39.  
40. I then modified the database so every second and fourth character was named Amos and Malik respectively. As a couple
41. of those present played Armageddon and those are two fameous character names. This is where things initially went wrong, the character
42. entries use the character's name as their primary key, so when the server tried to save the first Amos or Malik, it wound up updating
43. all rows in the database, so when we tried to play a trick by changing some player names around, it wound up taking the first quitting
44. character and updating all entries in the database, so Angrboda wound up with about 700 Malik characters.
45.  
46. Now, I knew that these changes wouldn't be permanent, as I could just as easily revert the MySQL transactions and undo what was done.
47. So what we did next was establish a new column in the character table as a number that automatically incremented and acted as a second
48. primary key. We issued the same Amos/Malik update command but made it add the row ID to the end of the name. The damage was done though
49. and one person had access to a quarter of the characters in the database. So I issued an update query that applied a random account
50. as the owner of the Malik and Amos characters incrementaly. At this point, someone mentions in teamspeak that a user on the atonement chat
51. noticed the changes, and they had a pair of numbered Malik characters available. Were all having a hoot at this point and decide
52. to create a little party, I started on a query that changed the room ID of all characters to one I grabbed randomly, and attempted to change
53. the descriptions of all characters to the famous "tall, muscular man" from armageddon, during our party in teamspeak I take a screenshot
54. of the query and post it to facebook.
55.  
56. At this point though, I've already received messages from Kith, and we know that he is on to us. So I got sloppy trying to push what I could
57. through and apparently the description change query didn't go trough. But the room change was a seperate query itself and apparently passed.
58. Someone gets the idea to start dropping schemas and their tables from the database at this point, which causes the forums and game servers to
59. go down. Almost at the same time I find I'm booted from MySQL, as one of the other guys had been fucking around on webmin and closed down some
60. firewall exceptions on the server. This is where I realize shit is starting to hit the fans, as I'm locked out of MySQL and SSH and someone's
61. gone too far with webmin, so I try to distract Kith and buy time to figure out what happened. Then I hear someone saying they fired off the
62. delete command and the server is starting to crash, at this point I'm panicking as even the backdoors I had installed have dissappeared and
63. I'm quite effectively locked out of the server, but more importantly is that the transaction log of MySQL is most probably erased and we can't
64. roll back the changes anymore.
65.  
66. Realizing the server can't get any more destroyed as it is, the night starts to wrap up and people start going their seperate ways to do other
67. things. I try contacting Kith to see if he has a way to restore the server. Then asking if he can submit a ticket (which thankfully worked),
68. this was the last I heard from him though. http://puu.sh/OI52
69.  
70. I wind up leaving the computer to head out with my family at this point, which carries us over to today, August 4th. I log on and with one eye closed
71. check the website to discover that its been revived. I notice the 8/2 thread, read it, and see that I've been outed. Which wasn't unexpected. After
72. reading about how I'm pretty much worse than shit itself, I pretty much give a shrug, fiddle around to check the accounts on webmin, then notice I've
73. still got the backdoors installed, as they were added prior back during the first time I loaded the cube item and were taken into the backup.
74. I give another shrug, think to let shit be shit, and decide to deface the index page of the website. At this point, I'm starting to regret what I did, and
75. why I wronged Atonement a second time when they were justified in their comments. I restored the index page and notified Holmes of where the backdoors are
76. located, I told him others took part and that I highly doubt the password hashes were taken, they were salted as well and I doubt the others had time to
77. find the salt.
78. http://puu.sh/OIgK http://puu.sh/OIi0
79.  
80. At around the same time, Jaunt contacts me and pretty much condemns me, I initially resist ousting the others that took place, but
81. later cave in and reveal the teamspeak server we were all on, he mentions some stuff about social marketing and more condeming, I
82. realize I'm fucked either way and tell him to raze my identity to the ground. I realize I'm only digging myself a deeper hole and start
83. asking what to do to compensate the community. Luckily they chose not to pursue what I did, and ended by telling me that if I did something
84. like this again, I was essentially a dead man under fines and sentences.
85.  
86. I'm left to my thoughts for a bit, I start to write a letter of apology but before I finish it, I wind up checking atonement again for replies and
87. come to the conclusion that they're after my blood (lynch all the hackers), subsequently I sign the letter in my blood and apply a thumbprint. I
88. send it off to Jaunt and he posts it on my behalf.