Hacking reports. Where do they go?

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Ideas Centre
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
User avatar
Myspoonistoobig
Registered User
Posts: 30
Joined: Fri Mar 25, 2005 8:05 am

Hacking reports. Where do they go?

Post by Myspoonistoobig » Mon Sep 17, 2007 12:44 pm

My board was "hacked", and I don't really need support with it, I just want to submit a report of the incident in case it's helpful in patching up whatever phpbb3 hole they used to do it. It was a very wimpy hack, merely changing config.php, so I can fix it easy enough

Do such reports go in the incident tracker, or the security tracker? or, somewhere else?

It appears they went in through the mod panel, since the most recently modified files in my phpbb3 installation's directory are config.php and the cache, and the couple of changed cache files indicate usage of the mod panel. Should I upload those as an attachment?

It was an RC4 install. Should I still report it? After all, it could be something unpatched in RC5 (and again, I don't need help or advice on fixing my board, so posting "you can fix this by keeping up to date!" is just spamming)

SamG
Former Team Member
Posts: 3221
Joined: Fri Aug 31, 2001 6:35 pm
Location: Beautiful Northwest Lower Michigan
Name: Sam Graf

Re: Hacking reports. Where do they go?

Post by SamG » Mon Sep 17, 2007 5:26 pm

Incident tracker. I don't think it will matter if it is an RC4 installation. The team can decide the relevance. Thanks.

User avatar
karlsemple
Former Team Member
Posts: 39802
Joined: Mon Nov 01, 2004 8:54 am
Location: Hereford, UK
Contact:

Re: Hacking reports. Where do they go?

Post by karlsemple » Mon Sep 17, 2007 5:28 pm

'When filing incident you should have ready a full backup of the forum files and database from the time of the hack and the access logs from the time of the hack. Then we can investigate and try and determine if phpBB was at fault and is so...where and how :)
Image

User avatar
spy2000
Registered User
Posts: 14
Joined: Fri Sep 14, 2007 7:34 am

Re: Hacking reports. Where do they go?

Post by spy2000 » Tue Sep 18, 2007 11:01 am

access logs? can u explain how to get it?

User avatar
c4gamerz
Registered User
Posts: 161
Joined: Thu Aug 30, 2007 5:08 pm
Contact:

Re: Hacking reports. Where do they go?

Post by c4gamerz » Tue Sep 18, 2007 11:05 am

well it maybe coz of improper permissions of config.php my scripts were hacked many times coz of this small mistakes lolz you can do one thing there was a site which encode or decode ( i dont know ) so i encoded my config.php :) now atleast hacker cant access to my database :)
Web Designing | Script Integration | Logo Designing | Web Development | ExtensiveWeb.com

SamG
Former Team Member
Posts: 3221
Joined: Fri Aug 31, 2001 6:35 pm
Location: Beautiful Northwest Lower Michigan
Name: Sam Graf

Re: Hacking reports. Where do they go?

Post by SamG » Tue Sep 18, 2007 11:15 am

spy2000 wrote:access logs? can u explain how to get it?
I think Karl is talking about server logs. They have to be obtained through some other resource than phpBB, generally through a tool or download made available by the web host.

User avatar
spy2000
Registered User
Posts: 14
Joined: Fri Sep 14, 2007 7:34 am

Re: Hacking reports. Where do they go?

Post by spy2000 » Tue Sep 25, 2007 10:32 am

c4gamerz wrote:well it maybe coz of improper permissions of config.php my scripts were hacked many times coz of this small mistakes lolz you can do one thing there was a site which encode or decode ( i dont know ) so i encoded my config.php :) now atleast hacker cant access to my database :)
this is awful, can you share, how can we encode config.php file?

Thanks & regards.

net83it
Registered User
Posts: 500
Joined: Sun Jan 15, 2006 2:42 pm
Location: Sicily
Contact:

Re: Hacking reports. Where do they go?

Post by net83it » Fri Oct 05, 2007 2:51 pm

how is it possibile for an hacker to rewrite files in to 777 folders? i think it is necessary a bug/hole in the script. right? if yes, how discover this hole?

thank you

cybrid23
Former Team Member
Posts: 9877
Joined: Wed Jun 29, 2005 5:55 am
Location: Somewhere in the Midwest...
Contact:

Re: Hacking reports. Where do they go?

Post by cybrid23 » Fri Oct 05, 2007 3:52 pm

Myspoonistoobig wrote:I don't really need support with it, I just want to submit a report of the incident
Since the OP wasn't asking for support and as all incidents need to be submitted using the Incident Tracker, I am closing this topic as it is turning more into more of a discussion than support.

There is no need to go in to a frenzy. There are hundreds of non-phpBB related ways boards get hacked, and until a report is submitted and checked there is no way to tell if it was even through phpBB. Most of the ones I have seen lately are coming through the server side itself due to out of date apps one the server, again, not phpBB.
---Never leave home without a towel and your peril sensitive sunglasses.
---Do Not PM Me For Support. It will go unanswered.
Thanks.

Locked

Return to “[3.0.x] Support Forum”