Hacked Forum

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Gamma
Registered User
Posts: 40
Joined: Wed Oct 13, 2004 7:26 pm

Hacked Forum

Post by Gamma »

Hello,

Some &%$*# just hacked my forum (see it for yourself) :shock:

Things I know:

:arrow: If I enter directly to a topic, everything seems fine. I've even backed up my database and I can see all forums.
:arrow: If I erase the "index_body.tpl" (I only use Subsilver), the header is fine (of course there is an error message).
:arrow: If I replace "index_body.tpl" or "index.php" with the original files, the hack still shows.

:arrow: It would be so, so, so good if I could avoid reinstalling. I have a couple mods, my logo, etc..

I realy hope some nice PHBB guru around this place can help me out :?

User avatar
Marshalrusty
Project Manager
Project Manager
Posts: 29275
Joined: Mon Nov 22, 2004 10:45 pm
Location: New York City
Name: Yuriy Rusko
Contact:

Post by Marshalrusty »

You're 9 versions out of date, what do you expect? You need to follow the instructions in the IIT announcement and file a report in the Incident Tracker
Have comments/praise/complaints/suggestions? Please feel free to PM me.

Need private help? Hire me for all your phpBB and web development needs

starfoxtj
Registered User
Posts: 3714
Joined: Tue Jul 29, 2003 2:01 am
Contact:

Post by starfoxtj »

After you fill out those reports, make a full file and database backup then run my admin toolkit and click the security scan.

Remove any red or yellow descriptions. That should clear the hacked info.
Look at the admin list (second section of the scan) and ban/delete/demote any fake accounts.

Then disable your board and update asap!
Admin ToolKit v2.1a - An Admins most helpful tool for user management. Now Supports Mass User Deletion!
Change User's: names, passwords, emails, active status and avatar/pm permissions.
Ban/Unban Users, change Post and Resync Counts, and promote/demote users to admin.
Completely independent from your phpbb user account settings. No installation required, just upload one file.
User Upload ToolKit Beta - A quick and easy, 30 second-install, attachment mod. Now Supports Dynamic Thumbnails!

bogods
Registered User
Posts: 11
Joined: Mon Mar 06, 2006 9:31 pm

hackers

Post by bogods »

I've been an operator for ages and when i started out i was plaqued with hackers. I HATE them. Before i discovered phpBB i used invision powerboards through a provider. If people experiance problems DONT go to your provider as they cant really do a thing. If your hosting a forum then ignore the above. Anyhow, on the invision pb i had a serious hack problem. I suggest one of three things:
1) change the settings in config from where it says something like "no verification" to "user varification". It means they must provide an email,
2) if that fails then i suggest turning it to admin varification so only you (or ur fellow admin) can approve it.
3) if you can't do anything just move providers.
Also for you ammetures make sure u have a firewall. I though i had a firewall when it had been offline, the s.o.b's had been reading what i typed into the password box strait off of my computer.

If their are any of you using a provider because u cant afford (or find) a mysql database, i have a pretty much endless supply of them so jst email me at Spam removed by Jim_UK

Also i was wondering is phpBB open source?

Luke

User avatar
Da Undead
Registered User
Posts: 116
Joined: Tue Jun 21, 2005 2:24 am
Location: USA, Texas
Contact:

Post by Da Undead »

Lol how do you get hacked? Lol u must of gave away your FTP access to an "outsider". lol! :lol:

Well all i can say is re-install and use latest version :)

User avatar
Jim_UK
Former Team Member
Posts: 18478
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Post by Jim_UK »

This forum is not a discussion one!
Take care this thread does not get locked

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!

User avatar
Da Undead
Registered User
Posts: 116
Joined: Tue Jun 21, 2005 2:24 am
Location: USA, Texas
Contact:

Post by Da Undead »

Da Undead wrote: Well all i can say is re-install and use latest version :)


I believe thats support?!?!? :evil:

HyperKat
Registered User
Posts: 2
Joined: Mon Mar 06, 2006 9:58 pm

Post by HyperKat »

I have the updated software and just got hacked (again) today
I put the forum in a different location this time so the script kitties wont just find it under mydomain.com/forum

What else can we do ?

User avatar
ChrisRLG
Former Team Member
Posts: 3420
Joined: Wed Nov 24, 2004 3:18 pm
Location: Essex, UK
Contact:

Post by ChrisRLG »

HyperKat

Do you know if all the operating system software is up to date too.

If the php or other software is behind with updates it can leave you vulnerable, I believe even if phpBB2 is at its latest version.

User avatar
Jim_UK
Former Team Member
Posts: 18478
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Post by Jim_UK »

A lot of hackings have occurred when the software has not been updated correctly or there are out of date mods installed.

Please submit a report to the Incident Investigation Team.
http://www.phpbb.com/support/incidents/add_report.php

Please make a complete backup of your board files and database. If you have access to your server logs then they would be very useful.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!

bogods
Registered User
Posts: 11
Joined: Mon Mar 06, 2006 9:31 pm

hackers

Post by bogods »

um...i've done some research and theses hackers have quite a trail of destruction. On sites tht i've seen they say that there islamic warriers and stuff, anyway i suggest doing some research on them and their records. Also if you highligh ur hacked page u'll notice some hidden text. About the IP address if u search the internet you'll be able to find web tools that allow you to trace peoples IP's and more. It wont do you much gd now but still. Also their are certain websites which you can report that you've been hacked and they can offer support etc.
luke,
p.s. sorry about the other post, i didn't mean it to be like spam, sorry,
p.p.s i'll shut up nw before they lock this topic

User avatar
Jim_UK
Former Team Member
Posts: 18478
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Post by Jim_UK »

Also their are certain websites which you can report that you've been hacked and they can offer support etc

Please submit a report to the Incident Investigation Team.
http://www.phpbb.com/support/incidents/add_report.php


We have such a service and this with the phpBB experts.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!

bogods
Registered User
Posts: 11
Joined: Mon Mar 06, 2006 9:31 pm

Post by bogods »

Fair enough, thts gd for support, but i mean that there are agencies all over the world who prosicute againsts these hackers. Also there are databases that can give you information on a specific hacker (i'm nt sure if phpbb's does tht i haven't checked). Also jst re-read wat i wrote and saw it looks a bit sarcy, it wsnt meant like tht.

who_cares
Registered User
Posts: 5106
Joined: Fri Jan 14, 2005 11:04 pm
Location: ATL
Contact:

Post by who_cares »

Da Undead wrote: Lol how do you get hacked? Lol u must of gave away your FTP access to an "outsider". lol! :lol:

Well all i can say is re-install and use latest version :)

please don't do that.

1) you don't need FTP access to hack a board (From your description I'd say it's in the database anyway)
2) Why re-install when you can just upgrade?

User avatar
entengo
Registered User
Posts: 37
Joined: Thu Feb 09, 2006 11:49 pm
Location: The Alamo
Contact:

Post by entengo »

maybe not. he might have changed his site into a like something like freewebs. Maybe its you whos BeLa

Locked

Return to “2.0.x Support Forum”