[Solved] Hacker!

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 3:05 am

NO! OK I just had a really long post but it's gone now... think I had a CTRL A, CTRL X spasm...

Well, anyway.. I'll get the .htaccess thing running; I'll report back w/ any problems.
Techie-Micheal wrote: No, that won't stop him. If he is a moderator with permissions in that forum, then he can still mess with things and just not admin things. That's probably why he hasn't changed your password or anybody else's . . .


-I might have neglected to mention everything that the hacker did, but he has changed my password. He's doing it about once every 2 days now... I keep resorting to getting a new password via email.
-How could I stop this?? :(
:-D

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 11:44 am

Umm.. is there any way??

Is there a reason why I shouldn't have phpmyadmin installed? I want to use it to Add SQL for a mod that is for better IP tracking. I think I'll install the mod that lets you see a user's status from the memberlist. Is there any reason why I shouldn't install any mods? Want to make sure before I do anything.

PS: I did what fishfreek told me to do (".htaccess") but nothing changed. I'm guessing that it doesn't matter, but I'm going to test it later.
:-D

- szo2 -
Registered User
Posts: 538
Joined: Tue Apr 30, 2002 3:29 pm
Location: Hong Kong
Contact:

Post by - szo2 - » Tue Jun 11, 2002 12:06 pm

You should delete phpMyAdmin, just in case. I DO hope you are setting phpMyAdmin to require a password, aren't you? phpMyAdmin is not very secure in design even if you set the security options unless you run it through a secure connection.

User avatar
Techie-Micheal
Security Consultant
Posts: 19511
Joined: Sun Oct 14, 2001 12:11 am
Location: In your servers

Post by Techie-Micheal » Tue Jun 11, 2002 4:23 pm

Actually, phpmyadmin is secure providing you set the options correctly.
Proven Offensive Security Expertise. OSCP - GXPN

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 6:52 pm

I don't have phpMyadmin yet, but I'm thinking about getting it (if I can without security probs) to install a mod that would help me track IPs.

"Correct" configuration? What do you mean?

I'm getting a member of my site who is good with php to configure phpmyadmin so taht it uses a password. I'll show you guys what he comes up with when he's done. ;)
:-D

AL
Registered User
Posts: 442
Joined: Tue Jul 03, 2001 10:21 pm
Location: Texas Ya'll

Post by AL » Tue Jun 11, 2002 6:56 pm

if he is changing your phpbb password then either he has access to your database or he has set himself as an admin. try looking in the phpbb_users and look for anyone with user_level other than 0.

also (I don't think this was suggested before) put a .htaccess in the admin directory with a different password from any you have used. then even if they have admin access they can't get into the admin area unless they have the .htaccess password. no - this won't keep them from deleting posts if they are admin, but you should be able to figure that out easily from the users table.

good luck.
"A nerd is someone whose life is focused on computers and technology, but a geek is someone whose life is focused on computers and technology and LIKES it that way."

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 7:19 pm

Umm.. I mae an .htaccess file, but how would I give it a password? Wouldn't he not be able to get into the admin panel anyway?? :(
:-D

User avatar
Techie-Micheal
Security Consultant
Posts: 19511
Joined: Sun Oct 14, 2001 12:11 am
Location: In your servers

Post by Techie-Micheal » Tue Jun 11, 2002 8:27 pm

.htaccess doesn't need a password if you ban all ip's besides your own.
Proven Offensive Security Expertise. OSCP - GXPN

Wert
Former Team Member
Posts: 3676
Joined: Tue Jul 03, 2001 8:33 pm
Location: Sacramento, CA
Name: Chris Aguilar

Post by Wert » Tue Jun 11, 2002 8:57 pm

It sounds like this guy bascially doesn't want to upgrade from 2.0 to 2.01 because he doesnt' want to have to reinstall all his mods.

So he's got a few choices.
  • Use the "patch" method of upgrading and hope your old mods works ok after.

    Upgrade clean and then reinstall your mods.

    Keep using 2.0 which has a well known security flaw.

If you want to be secure, you have to upgrade to 2.01.

You can fudge around with .htaccess hoping to ban this guys IP, but then he'll just use an anonymous proxy to bypass that.

Do yourself a favor and upgrade to 2.01 even if it's a bit inconvenient for you.
Chris Aguilar - AKA "Wert"

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 9:35 pm

2.0.1 doesn't work on Lycos servers.

I don't have any mods.
:-D

User avatar
Techie-Micheal
Security Consultant
Posts: 19511
Joined: Sun Oct 14, 2001 12:11 am
Location: In your servers

Post by Techie-Micheal » Tue Jun 11, 2002 10:14 pm

2.01 might not work on Lycos. Some have success, others do not. You can always move if you aren't happy with Lycos . . .
Proven Offensive Security Expertise. OSCP - GXPN

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Tue Jun 11, 2002 10:17 pm

It didn't work for me; I tried it at first.

I don't know of any other free servers with MySQL... do you?
:-D

User avatar
Techie-Micheal
Security Consultant
Posts: 19511
Joined: Sun Oct 14, 2001 12:11 am
Location: In your servers

Post by Techie-Micheal » Wed Jun 12, 2002 12:03 am

Yes, I do. The one I am thinking of off the top of my head does not have sendmail or anything MTA installed but it works just fine. spaceports.com.
Proven Offensive Security Expertise. OSCP - GXPN

Falco1199
Registered User
Posts: 156
Joined: Fri May 17, 2002 9:11 pm
Location: New York
Contact:

Post by Falco1199 » Wed Jun 12, 2002 11:37 am

I've registered there and checked it out... I have a few issues with changing servers though:

1) Spaceports has ads
2) I've never switched servers w/ a MySQL database before... Is there a tutorial on that? I've backed up my database, but I don't really know how to do anything else.

I think I'll switch nonetheless. So.. I guess fornow I just need to know the answers to my questions in #2.
:-D

User avatar
Techie-Micheal
Security Consultant
Posts: 19511
Joined: Sun Oct 14, 2001 12:11 am
Location: In your servers

Post by Techie-Micheal » Wed Jun 12, 2002 6:38 pm

Proven Offensive Security Expertise. OSCP - GXPN

Locked

Return to “2.0.x Support Forum”