hello, i just overwrite my old 2.0.6 files to 2.0.19 files, and now i got hacked AGAIN.
all of my members post messege, doubled.
can anyone help me?
my forum is http://www.modifikasi.com/forum/
MY SITE GOT HACKED AGAIN USING PHPBB 2.0.19
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
-
Marshalrusty
- Project Manager
- Posts: 29334
- Joined: Mon Nov 22, 2004 10:45 pm
- Location: New York City
- Name: Yuriy Rusko
- Contact:
So, did you get backed? Or is the problem that the posts are coming out double?
If you were previously hacked, there could be back doors in the database from before yo loaded the 2.0.19 files. Since the IIT doesn't deal with 2.0.6, I suggest you load up the Admin Toolkit and run a secuirty scan.
If you were previously hacked, there could be back doors in the database from before yo loaded the 2.0.19 files. Since the IIT doesn't deal with 2.0.6, I suggest you load up the Admin Toolkit and run a secuirty scan.
Made in Ukraine, exported to the USA 
Have comments/praise/complaints/suggestions? Please feel free to PM me.
Need private help? Hire me for all your phpBB and web development needs
-
karlsemple
- Former Team Member
- Posts: 39802
- Joined: Mon Nov 01, 2004 8:54 am
- Location: Hereford, UK
- Contact:
As you are sure you have upgraded correctly to 2.0.19 you will really need report this to the IIT http://www.phpbb.com/support/incidents/
just before the post message doubled, there is fffffff in viewforum, below the forum title, and before that "ffffff" things, many post are gone, from 120.000 to 90.000 (i disable my auto prune)
example of the hack:
all of the post become doubled.[/code]
example of the hack:
Code: Select all
i have run admin toolkit, all forum are clear.
i have run admin toolkit, all forum are clear.When you restored your database, did you run the toolkit against it again? It is quite possible that the old backup contained extra admins - you could have been attacked some time ago, and they waited a while to make the attack obvious. Then, when you restored the older backup, the back door was put back in...
Jeff
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
i didn't backup and restore the db, first, i install new fresh phpBb 2.0.19 using fantastico in /forum2/ folder then i install all the Mod i need, after that, I rename it from /forum2/ to /forum/ and the old /forum/ i renamed it into /forum_backup/ and then copy the config.php from old forum files (2.0.6) to the new forum files (2.0.19)
so i don't make any changes to the DB.
so i don't make any changes to the DB.
-
karlsemple
- Former Team Member
- Posts: 39802
- Joined: Mon Nov 01, 2004 8:54 am
- Location: Hereford, UK
- Contact:
xmutan wrote: i didn't backup and restore the db, first, i install new fresh phpBb 2.0.19 using fantastico in /forum2/ folder then i install all the Mod i need, after that, I rename it from /forum2/ to /forum/ and the old /forum/ i renamed it into /forum_backup/ and then copy the config.php from old forum files (2.0.6) to the new forum files (2.0.19)
so i don't make any changes to the DB.
same applies, your still using a database which could have been compromised back when you were running 2.0.6...please follow the advice you are being given otherwise i will have to lock this and refer you to the IIT
-
Lumpy Burgertushie
- Registered User
- Posts: 69224
- Joined: Mon May 02, 2005 3:11 am
- Contact:
bottom line here is that 2.0.19 did not get hacked.
your problems apparently come from an improper update and or hacker files left over from before, or just mistakes made by you or someone else.
if there were any hacks out there for 2.0.19 don't you think that we would have heard of them by now?
I haven't seen one yet that is strictly a hack of the 2.0.19 files.
robert
your problems apparently come from an improper update and or hacker files left over from before, or just mistakes made by you or someone else.
if there were any hacks out there for 2.0.19 don't you think that we would have heard of them by now?
I haven't seen one yet that is strictly a hack of the 2.0.19 files.
robert
Premium phpBB 3.3 Styles by PlanetStyles.net
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.