MY 2.0.21 still gets hacked

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
User avatar
merekstele
Registered User
Posts: 107
Joined: Mon Mar 03, 2003 6:07 am

Post by merekstele »

when I was hacked a LONG time ago, it turned out they were not hacking through phpBB at all, they had found a security flaw in the "cpanel" my host was using and came in through that way. They had complete ftp access via the webftp gui that came with the cpanel and also full database access. The problem might not be on your end at all?

Taipo
Registered User
Posts: 174
Joined: Fri Jan 07, 2005 9:25 pm
Contact:

Post by Taipo »

Just a few minutes ago, I INDEED found a trojan in one of my logfiles (produced by some logged form submission text).
Name: PHP/C99Shell.C Trojan


Suggest that if your webhost offers it, add some htaccess password protection to your admin folder. Other than that, it sounds like its a server side exploit or some code is still prevailing in your database from the first time you were hacked, that is allowing malicious access.

User avatar
comperr
Registered User
Posts: 581
Joined: Mon May 08, 2006 2:35 am

Post by comperr »

BTW - it is not hacked - it is cracked

Taipo
Registered User
Posts: 174
Joined: Fri Jan 07, 2005 9:25 pm
Contact:

Post by Taipo »

BTW - it is not hacked - it is cracked


I think you are being a little ostentatious about terms there comperr

User avatar
comperr
Registered User
Posts: 581
Joined: Mon May 08, 2006 2:35 am

Post by comperr »

Sorry,
I just want to go back to when people liked the hackers.

Locked

Return to “2.0.x Support Forum”