Got hacked through the forum.

Posted: Thu Jun 09, 2016 2:53 am
by william.menech
Hello All, I began a subdomain of my website for my forum. Within a few months my site got hacked through the forum. Is there a way to prevent this in the future? I would like to recreate my forum but have fear of getting hacked again. :?:

Re: Got hacked through the forum.

Posted: Thu Jun 09, 2016 3:58 am
by Lumpy Burgertushie
if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert

Re: Got hacked through the forum.

Posted: Thu Jun 09, 2016 12:24 pm
by Holger
What phpBB version are you running? Have you modified the code? What PHP version? What other SW/application are you running?
I think you got hacked in some other way, but not through phpBB.
Most likely you got hacked through your hoster because something was not up to date.

Re: Got hacked through the forum.

Posted: Thu Jun 09, 2016 6:22 pm
by Marc
If you think you got hacked through phpBB, the recommended way of handling this is to contact us through our incident tracker:
https://tracker.phpbb.com/projects/INCIDENT

You should be able to log in with your www.phpbb.com account. Please make sure to include information like access logs, error logs, etc. from your website at the suspected time of the hack.

Re: Got hacked through the forum.

Posted: Sat Jun 11, 2016 1:42 am
by Joe.
Sorry to hear about that :(

Re: Got hacked through the forum.

Posted: Sat Jun 25, 2016 6:48 pm
by 2600
Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hacker's blog on how he did it. Keyword: mod_security.

Re: Got hacked through the forum.

Posted: Sat Jun 25, 2016 9:16 pm
by MichaelC
John connor wrote:
Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hackers blog on how he did it. Keyword: mod_security.
I'm not entirely sure what you're referencing here. Please could you confirm [in private if sensitive]?

Re: Got hacked through the forum.

Posted: Sat Jun 25, 2016 9:39 pm
by Lumpy Burgertushie
not sure that is even true, however, if they got in through "mod_security" then that has nothing to do with phpbb. that is a server software/system.

if you can hack into a server at the server level, then anything and everything on that server is open to you.

you cannot get to the server through phpbb unless you have the ftp and/or the database login.


robert

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 12:23 am
by 3Di
John connor wrote:
Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hackers blog on how he did it. Keyword: mod_security.
This site was hacked in 2009 and it was NOT a mod_security issue but, instead, an issue with an employed third-party software (PHPlist). :geek: Before that it was in 2005, not a mod_security issue. Then I guess in 2014 but it was because they stole and abused the login credentials of a phpBB team member.

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 2:24 am
by Lumpy Burgertushie
none of which was hacked through phpbb. the phplist was a mailing list software that was hacked and gave them access to the server that it and phpbb were installed on.

when someone has your username/password that is not considered hacking and no software can keep out someone that has the correct login to access it.

not trying to be a fanboy here, just like to keep it to the facts. I am not aware of a single time that phpbb3 has been actually hacked through its code etc.


robert

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 1:19 pm
by 2600
Yeah, it was PHPlist. https://blog.sucuri.net/2013/09/securit ... b-com.html

Could have sworn there was an early hack involving some leaked passwords. Maybe that was just a website/server issue or something. It was like last year when the site was down for like three weeks.

Edit-

Yeah, 2014 https://theadminzone.com/threads/phpbb- ... 392/page-2

Here's the announcement. viewtopic.php?f=14&t=2283426

Was a server attack. It's why I mask my IP with CloudFlare and delete the MX record and use Gmail as the E-mail service. The MX record gives away the real IP. I have yet to find my real IP with a CloudFlare resolver. It does show the old IP though. That's because I wasn't using CF and those CF resolver websites grabbed it in the plain.
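
Added example, not part of the original thread or any poster's code: a defender-side audit of your own DNS zone for the leak described in the post above, where an unproxied record (a mail host, the MX that points at it, or an SPF `ip4:` entry) publishes the origin IP that the proxy is meant to hide. The record layout (`name`, `type`, `content`, `proxied`), the host names and the addresses are constructed for illustration.

```python
import ipaddress

# Constructed zone exports; the field layout is an assumption of this example,
# not a specific provider's export format.
ORIGIN = "203.0.113.10"
ZONE_BEFORE = [
    {"name": "example.com", "type": "A", "content": ORIGIN, "proxied": True},
    {"name": "www.example.com", "type": "CNAME", "content": "example.com", "proxied": True},
    {"name": "mail.example.com", "type": "A", "content": ORIGIN, "proxied": False},
    {"name": "example.com", "type": "MX", "content": "10 mail.example.com", "proxied": False},
    {"name": "example.com", "type": "TXT", "content": "v=spf1 ip4:203.0.113.10 -all", "proxied": False},
]
# Same zone after moving mail to an external provider (hypothetical host names).
ZONE_AFTER = [
    {"name": "example.com", "type": "A", "content": ORIGIN, "proxied": True},
    {"name": "www.example.com", "type": "CNAME", "content": "example.com", "proxied": True},
    {"name": "example.com", "type": "MX", "content": "10 mx.mailhost.example", "proxied": False},
    {"name": "example.com", "type": "TXT", "content": "v=spf1 include:_spf.mailhost.example -all", "proxied": False},
]

def origin_leaks(zone, origin):
    """Return (name, type, reason) for every record that exposes `origin`."""
    origin_ip = ipaddress.ip_address(origin)
    exposed = set()   # host names that resolve straight to the origin
    leaks = []
    # Pass 1: unproxied address records that carry the origin IP itself.
    for r in zone:
        if r["type"] in ("A", "AAAA") and not r["proxied"]:
            if ipaddress.ip_address(r["content"]) == origin_ip:
                exposed.add(r["name"].rstrip(".").lower())
                leaks.append((r["name"], r["type"], "unproxied address record"))
    # Pass 2: records that lead to an exposed host, and SPF address literals.
    for r in zone:
        if r["type"] in ("MX", "CNAME") and not r["proxied"]:
            target = r["content"].split()[-1].rstrip(".").lower()
            if target in exposed:
                leaks.append((r["name"], r["type"], f"points at {target}"))
        elif r["type"] == "TXT" and r["content"].lower().startswith("v=spf1"):
            for term in r["content"].split()[1:]:
                mech = term.lstrip("+-~?")
                if mech.startswith(("ip4:", "ip6:")):
                    net = ipaddress.ip_network(mech[4:], strict=False)
                    if origin_ip.version == net.version and origin_ip in net:
                        leaks.append((r["name"], "TXT", f"SPF lists {mech}"))
    return leaks

if __name__ == "__main__":
    for label, zone in (("before", ZONE_BEFORE), ("after", ZONE_AFTER)):
        print(label, origin_leaks(zone, ORIGIN))
```

The audit covers only the current zone contents; it says nothing about addresses that were published before the proxy was enabled.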

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 1:38 pm
by Lumpy Burgertushie
and quoting from that link you posted:
We determined that on Friday December 12th, unauthorised access to the area51.phpbb.com server was obtained using credentials that had been stolen from a staff member via an outside source. To be clear, this was not done through a vulnerability in the phpBB software.
It was not even a hack. the attackers had the username/password of a staff member which gave them complete access to the server.
it had nothing to do with IP addresses or email servers etc. etc.



robert

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 1:43 pm
by 2600
I guess it wasn't a "hack" per se. But a hack in technical terms is to circumvent security for malicious intent.

There's hacks & there's cracks. :D

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 1:47 pm
by Lumpy Burgertushie
well, technically they did not circumvent the security of the board/server. they stole the username password and used that. I guess you could say that stealing someone's password is "circumventing" the security.
:)

robert

Re: Got hacked through the forum.

Posted: Sun Jun 26, 2016 2:54 pm
by david63
John connor wrote:It's why I mask my IP with CloudFlare
Are you sure about that? I can find your site's IP address in about 30 seconds