
Community Building and User Generated Content Forum

    
I just got hacked
Can I blame someone?
sifredi




msg:1558555
 11:07 pm on Mar 6, 2005 (gmt 0)

My phpBB forum just got hacked. A small forum and fairly new with only about 1500 posts. In less than 10 minutes all posts but the most recent were gone and spam messages started to show up.

As I see it, there are three possible explanations for why it could be hacked:

1. I didn't run the latest version, but I updated it manually after each security alert.
2. I switched host only a few days before the attack.
3. I added a mod called "quick reply".

Anyway, does anyone here have similar experience, and how can I prevent this from happening again? Can I blame my new host for not making a secure environment for forums?

thanks

 

encyclo




msg:1558556
 12:19 am on Mar 7, 2005 (gmt 0)

You can possibly blame the "quick reply" mod - and yourself. 10 seconds of searching on Google found this:

phpBB Advanced Quick Reply Mod arbitrary code execution [secunia.com]
Unpatched. Secunia Advisory 1 of 1 in 2002

phpBB Advanced Quick Reply Mod 1.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Highly critical

Another "to-do" on the checklist: search for the security history of any mod you apply.

Where did you get the mod from? Was it from the phpbb.com official mods database, or from an unofficial source?

sifredi




msg:1558557
 12:34 am on Mar 7, 2005 (gmt 0)

Thanks, that's pretty obvious I guess. I got it from some phpBBHacks page - I knew it was fishy but many members were asking for it. Now I'm quite certain that was it.

MadDev




msg:1558558
 1:48 pm on Mar 7, 2005 (gmt 0)

If your PHPBB version was below 2.0.13 there are many, many ways they could have gotten in. Between .10 and .13 there have been some MAJOR security breaches allowing someone to hack your forums.

sifredi




msg:1558559
 2:01 pm on Mar 7, 2005 (gmt 0)

Yes, so I've heard. I used 2.0.10 but I also updated some security issues manually. However, now I've done a complete reinstall of the latest version in a new db with new logins. And no more quick replies. And I will do frequent backups in the future.
