Got hacked through the forum.

william.menech
Registered User
Posts: 5
Joined: Wed Jan 07, 2015 6:54 am

Got hacked through the forum.

Post by william.menech » Thu Jun 09, 2016 2:53 am

Hello All, I began a subdomain of my website for my forum. Within a few months my site got hacked through the forum. Is there a way to prevent this in the future? I would like to recreate my forum but have fear of getting hacked again. :?:
Last edited by Brf on Thu Jun 09, 2016 2:32 pm, edited 1 time in total.
Reason: removed spam

Lumpy Burgertushie
Registered User
Posts: 66487
Joined: Mon May 02, 2005 3:11 am

Re: Got hacked through the forum.

Post by Lumpy Burgertushie » Thu Jun 09, 2016 3:58 am

if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert

Holger
Registered User
Posts: 1748
Joined: Tue Mar 12, 2002 3:54 pm
Location: Hannover

Re: Got hacked through the forum.

Post by Holger » Thu Jun 09, 2016 12:24 pm

What phpBB version are you running? Have you modified the code? What PHP version? What other SW/application are you running?
I think you got hacked some other way, but not through phpBB.
Most likely you got hacked through your hoster because something was not up to date.

Marc
Development Team Leader
Posts: 5395
Joined: Tue Oct 30, 2007 10:57 pm
Location: Munich, Germany
Name: Marc

Re: Got hacked through the forum.

Post by Marc » Thu Jun 09, 2016 6:22 pm

If you think you got hacked through phpBB, the recommended way of handling this is to contact us through our incident tracker:
https://tracker.phpbb.com/projects/INCIDENT

You should be able to log in with your www.phpbb.com account. Please make sure to include information like access logs, error logs, etc. from your website at the suspected time of the hack.

Joe.
Registered User
Posts: 2
Joined: Fri Sep 04, 2015 10:33 am
Name: Joe Wober

Re: Got hacked through the forum.

Post by Joe. » Sat Jun 11, 2016 1:42 am

Sorry to hear about that :(

John connor
Registered User
Posts: 2186
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron

Re: Got hacked through the forum.

Post by John connor » Sat Jun 25, 2016 6:48 pm

Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hacker's blog on how he did it. Keyword: mod_security.

MichaelC
Development Team Member
Posts: 3642
Joined: Mon Dec 21, 2009 3:36 pm
Location: Surrey, UK
Name: Michael Cullum

Re: Got hacked through the forum.

Post by MichaelC » Sat Jun 25, 2016 9:16 pm

John connor wrote:
Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hacker's blog on how he did it. Keyword: mod_security.
I'm not entirely sure what you're referencing here. Please could you confirm [in private if sensitive]?
:)
Formerly known as Unknown Bliss
Please don't PM me for support (or stuff that belongs in the forums or tracker) but otherwise feel free
Website Feedback || Website Tracker

Lumpy Burgertushie
Registered User
Posts: 66487
Joined: Mon May 02, 2005 3:11 am

Re: Got hacked through the forum.

Post by Lumpy Burgertushie » Sat Jun 25, 2016 9:39 pm

not sure that is even true, however, if they got in through "mod_security" then that has nothing to do with phpbb. that is a server software/system.

if you can hack into a server at the server level, then anything and everything on that server is open to you.

you can not get to the server through phpbb unless you have the ftp and/or the database login.


robert

3Di
Former Team Member
Posts: 13920
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco

Re: Got hacked through the forum.

Post by 3Di » Sun Jun 26, 2016 12:23 am

John connor wrote:
Lumpy Burgertushie wrote:if you got hacked from phpbb then you would be the first one to have that happen since phpbb 3 came out in 2007.

what exactly happened?
why do you think you were hacked and why do you think it happened from phpbb?


robert
:lol: This site was hacked and I read the hacker's blog on how he did it. Keyword: mod_security.
This site was hacked in 2009 and it was NOT a mod_security issue but, instead, an issue with a third-party software in use (PHPlist). :geek: Before that it was in 2005, not a mod_security issue. Then I guess in 2014 but it was because they stole and abused the login credentials of a phpBB team member.

Lumpy Burgertushie
Registered User
Posts: 66487
Joined: Mon May 02, 2005 3:11 am

Re: Got hacked through the forum.

Post by Lumpy Burgertushie » Sun Jun 26, 2016 2:24 am

none of which was hacked through phpbb. the phplist was a mailing list software that was hacked and gave them access to the server that it and phpbb were installed on.

when someone has your username/password that is not considered hacking and no software can keep out someone that has the correct login to access it.

not trying to be a fanboy here, just like to keep it to the facts. I am not aware of a single time that phpbb3 has been actually hacked through its code etc.


robert

John connor
Registered User
Posts: 2186
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron

Re: Got hacked through the forum.

Post by John connor » Sun Jun 26, 2016 1:19 pm

Yeah, it was PHPlist. https://blog.sucuri.net/2013/09/securit ... b-com.html

Could have sworn there was an early hack involving some leaked passwords. Maybe that was just a website/server issue or something. It was like last year when the site was down for like three weeks.

Edit-

Yeah, 2014 https://theadminzone.com/threads/phpbb- ... 392/page-2

Here's the announcement. viewtopic.php?f=14&t=2283426

Was a server attack. It's why I mask my IP with CloudFlare and delete the MX record and use Gmail as the E-mail service. The MX record gives away the real IP. I have yet to find my real IP with a CloudFlare resolver. It does show the old IP though. That's because I wasn't using CF and those CF resolver websites grabbed it in the plain.
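
The MX point raised in the post above can be checked against your own zone data before relying on a proxy to hide the origin. The sketch below is an added example, not code from the thread or from phpBB; it goes slightly beyond the MX case by also flagging any A record outside the proxy range, and the zone, host names and address ranges are constructed placeholders.

```python
import ipaddress

# Constructed zone (documentation-range addresses, not real hosts).
# Assumption: 203.0.113.0/24 stands in for the proxy's edge range and
# 198.51.100.10 for the origin server that is meant to stay unpublished.
PROXY_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
ZONE = """\
example.test.       300 IN A     203.0.113.7
www.example.test.   300 IN CNAME example.test.
mail.example.test.  300 IN A     198.51.100.10
example.test.       300 IN MX    10 mail.example.test.
"""

def parse_zone(text):
    """Return (owner, type, rdata) for each 'name ttl IN type rdata' line."""
    records = []
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) == 5 and parts[2].upper() == "IN":
            records.append((parts[0].lower(), parts[3].upper(), parts[4].strip()))
    return records

def resolve(name, records, depth=0):
    """Follow CNAMEs inside the zone until A records are reached."""
    if depth > 8:  # guard against CNAME loops
        return []
    addrs = []
    for owner, rtype, rdata in records:
        if owner == name and rtype == "A":
            addrs.append(rdata)
        elif owner == name and rtype == "CNAME":
            addrs += resolve(rdata.lower(), records, depth + 1)
    return addrs

def find_origin_leaks(text, proxy_ranges):
    """List records that publish an address outside the proxy ranges."""
    records = parse_zone(text)
    leaks = []
    for owner, rtype, rdata in records:
        if rtype == "A":
            addrs = [rdata]
        elif rtype == "MX":  # rdata is "<preference> <exchange host>"
            addrs = resolve(rdata.split()[1].lower(), records)
        else:
            continue
        for addr in addrs:
            if not any(ipaddress.ip_address(addr) in net for net in proxy_ranges):
                leaks.append((owner, rtype, addr))
    return leaks

if __name__ == "__main__":
    for owner, rtype, addr in find_origin_leaks(ZONE, PROXY_RANGES):
        print(f"{owner} {rtype} publishes non-proxied address {addr}")
```

An empty result only covers the current zone contents; addresses published before the proxy was enabled may still be on record elsewhere, as the post notes about the old IP.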

Lumpy Burgertushie
Registered User
Posts: 66487
Joined: Mon May 02, 2005 3:11 am

Re: Got hacked through the forum.

Post by Lumpy Burgertushie » Sun Jun 26, 2016 1:38 pm

and quoting from that link you posted:
We determined that on Friday December 12th, unauthorised access to the area51.phpbb.com server was obtained using credentials that had been stolen from a staff member via an outside source. To be clear, this was not done through a vulnerability in the phpBB software.
It was not even a hack. the attackers had the username/password of a staff member which gave them complete access to the server.
it had nothing to do with IP addresses or email servers etc. etc.



robert

John connor
Registered User
Posts: 2186
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron

Re: Got hacked through the forum.

Post by John connor » Sun Jun 26, 2016 1:43 pm

I guess it wasn't a "hack" per se. But a hack in technical terms is to circumvent security for malicious intent.

There's hacks & there's cracks. :D

Lumpy Burgertushie
Registered User
Posts: 66487
Joined: Mon May 02, 2005 3:11 am

Re: Got hacked through the forum.

Post by Lumpy Burgertushie » Sun Jun 26, 2016 1:47 pm

well, technically they did not circumvent the security of the board/server. they stole the username password and used that. I guess you could say that stealing someone's password is "circumventing" the security.
:)

robert

david63
Registered User
Posts: 16330
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood

Re: Got hacked through the forum.

Post by david63 » Sun Jun 26, 2016 2:54 pm

John connor wrote:It's why I mask my IP with CloudFlare
Are you sure about that? I can find your site's IP address in about 30 seconds
