Forum hacked by www.corrupt.com

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Locked
Karsoon67
Registered User
Posts: 4
Joined: Wed Apr 19, 2006 10:02 am

Forum hacked by www.corrupt.com

Post by Karsoon67 »

Just got hacked by www.corrupt.com

Search around and can not find any solution.
Gurus, please help.

My forum: www.vagsg.com

User avatar
karlsemple
Former Team Member
Posts: 39802
Joined: Mon Nov 01, 2004 8:54 am
Location: Hereford, UK
Contact:

Post by karlsemple »

you will need to submit a report to the IIT here http://www.phpbb.com/support/incidents/
Image

ScottTaylor
Registered User
Posts: 49
Joined: Mon Apr 24, 2006 1:32 am
Location: Sydney, Aussieland
Contact:

Post by ScottTaylor »

hmm sorry to see that :(
Image

User avatar
Lumpy Burgertushie
Registered User
Posts: 67057
Joined: Mon May 02, 2005 3:11 am
Contact:

Post by Lumpy Burgertushie »

I just get an error stating that your config table in the database is missing.

why do you think you were hacked and why do you think that corrupt.com had anything to do with it.

robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If a tree falls in the forest and nobody is there, does it make a sound?

Karsoon67
Registered User
Posts: 4
Joined: Wed Apr 19, 2006 10:02 am

Post by Karsoon67 »

Lumpy Burgertushie wrote: I just get an error stating that your config table in the database is missing.

why do you think you were hacked and why do you think that corrupt.com had anything to do with it.

robert


It was hacked and I just got my forum restored back from the backup SQL file. But now, seems like my config table is missing.

phpBB : Critical Error

Could not query config information

DEBUG MODE

SQL Error : 1146 Table 'vagsgdb.phpbb_config' doesn't exist

SELECT * FROM phpbb_config

Line : 166
File : /usr/local/psa/home/vhosts/vagsg.com/httpdocs/forums/common.php

User avatar
karlsemple
Former Team Member
Posts: 39802
Joined: Mon Nov 01, 2004 8:54 am
Location: Hereford, UK
Contact:

Post by karlsemple »

obviously your backup either did not restore properly of was not complete in the first place, open it in a text editor to check see if everything is there.
Image

stevenish
Registered User
Posts: 2
Joined: Mon Apr 24, 2006 6:28 pm
Location: Los Angeles
Contact:

Post by stevenish »

My board was also hacked by presumably the same people. They identified themselves as being from www.c0rrupt.com (that's a zero, not an O in there).

The hacker wiped out all posts and even all topic areas.

We are on version 2.0.6. How secure is the latest version? Has anyone heard of hacking jobs committed on 2.0.20 boards?

The board I work on is here:
www.charactercounts.org/forum

custmguru®
Registered User
Posts: 233
Joined: Wed Apr 10, 2002 6:06 pm
Location: Somewhere, Over the rainbow
Contact:

Post by custmguru® »

2.0.20 may not be completly bulletproof but it is a million times more secure than 2.0.6.

you should upgrade immediatly. do not pass go, do not collect $200, get to upgrading. We were hacked twice, once with 2.0.8 and 2.0.11. they deleted several forums on the second attack. we lost thousands of posts. Needless to say, I don't let the upgrades get behind anymore...

kloomis
Registered User
Posts: 5
Joined: Mon Sep 06, 2004 4:28 pm
Contact:

Post by kloomis »

My phpbb board at www.OurMessageBoard.com was also hacked over this past weekend by c0rrupt with mentions of MindKrime. We have restored all the web site files and are back up, but we last about a week's worth of posts and were down for about 5 days during the fix.

The hacker seems to have been able to access and take control of the SQL files. Nothing in the phpbb files themselves seems to have been bothered. However, the users table was altered and the board admin user was deleted/replaced with a new username and password. Fortunately, I guess, the phpMyAdmin username and password were not altered.

My hosting company is looking in to this further and I will report back with anything I get from them.

In the meantime, does anyone have any suggestions about how to prevent attacks like this? since the SQL files them selves were hacked, I doubt that a newer version of phpbb would make much difference, but I am currently trying to see if I can't upgrade to the latest version of phpbb anyway.

Thanks,
Ken

stevenish
Registered User
Posts: 2
Joined: Mon Apr 24, 2006 6:28 pm
Location: Los Angeles
Contact:

Post by stevenish »

What version were you running when you were hacked?

Also, note that at least one of our registered users received an email from the hacker with a message similar to the one that defaced our board. The email was sent from my address to my address and blind-copied the recipient, so it apparently was sent using the phpbb mass email function.

Strangely, several registered users, including myself, did not get the email.

skorpiius
Registered User
Posts: 72
Joined: Mon Nov 21, 2005 11:10 pm

Post by skorpiius »

Now seems like a good time to save out a backup of the database.. although I have 2.0.20 so hopefully I'm safe.

Locked

Return to “2.0.x Support Forum”