If You Have Been TOUCHED BY BL4cK 3Y3D

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Anti-Spam Guide
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
jer166
Registered User
Posts: 3
Joined: Mon May 11, 2009 11:25 pm

If You Have Been TOUCHED BY BL4cK 3Y3D

Post by jer166 »

if anyone else is looking for quick fixes on this it appears there are at least two things tht get done. a domain index page will be replaced and the site can be restored by replacing the index.php.

in my case on a phpbb3 board a redirect code was placed in a forum title & description.
this was the code used:

<META HTTP-EQUIV="Refresh" CONTENT="0;URL=http://www.something.com">

I was able to correct this and restore my forum by editing the msql forums table and searching for
the above tag in the description column.

Now I need to figure out how he gained access to my ACP. If there is someone out there that was seeking help as I was, I hope this helps. Apparently when you ask for help you sometimes get instructed to complete an incident report & the post is locked without much help.

It looks like someone is real sensitive to any discussion of phpbb being hacked and is limiting discussion in this area. Which is OK unless you are desperately seeking HELP.
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52789
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve

Re: If You Have Been TOUCHED BY BL4cK 3Y3D

Post by stevemaury »

There has not yet been an exploit of phpbb3. We lock these topics because it needs to be handled by the Incident investigation Team. I suspect your exploit was done via the database in some manner. Since you do not want to file an incident report, what would you like to be done?
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
jer166
Registered User
Posts: 3
Joined: Mon May 11, 2009 11:25 pm

Re: If You Have Been TOUCHED BY BL4cK 3Y3D

Post by jer166 »

I don't know if the exploit was a phpbb issue or not. And I am not suggesting that it was. I was just desperate for help and thought there might be someone else in the same situation that I might be able to help while awaiting a response from the incident team. I was not pointing fingers, just offering to help.

By the way, I filled an incident report. As of today 5-27-09 I have not heard from anyone. Fortunately, I was able to correct my problem.

Return to “[3.0.x] Support Forum”