Topic awaiting preservation: i got hacked.. $Pages that link to <a href="https://ozoneasylum.com/backlink?for=25338" title="Pages that link to Topic awaiting preservation: i got hacked.." rel="nofollow" >Topic awaiting preservation: i got hacked..\$

Author	Thread
LaSun Paranoid (IV) Inmate From: deep inside my head Insane since: Sep 2001	posted 03-25-2005 23:05 .. by 'friendly' hackers .. apparently ... anybody know where i should begin looking for this bug? (am also waiting on an email reply from the hackers.. hmmm...)
HZR Bipolar (III) Inmate From: Cold Sweden Insane since: Jul 2002	posted 03-25-2005 23:13 Upgrade to the newest version of your forum software.
poi Paranoid (IV) Inmate From: France Insane since: Jun 2002	posted 03-25-2005 23:17 Don't use PhpBB It's famous, and whenever a security hole is disclosed, or if you don't keep it up to date, you can be sure some script kiddies will jump on you.
CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 03-25-2005 23:31 you're waiting on an email reply from the hackers........i don't think i would count on it there were some issues with phpBB not long ago so they took the site down and redid phpBB from my uderstanding. I would certainly join the mailing list that way when a security issue is brought up, you can fix it right away with a patch. there are a lot of hosts that wont even allow phpBB to be installed anymore. The last security hole was not really even their problem, it was a problem with php itself. They have it fix now though Later, C:\
LaSun Paranoid (IV) Inmate From: deep inside my head Insane since: Sep 2001	posted 03-25-2005 23:43 quote: ...you can be sure some script kiddies will jump on you. the bastards! .. so i've downloaded patch files that will hopefully get things back to normal. this'll teach me to stay on top of my maintenance chores. and maybe someday i'll get smart enough to work with more obscure forums than phpBB
synax Maniac (V) Inmate From: Cell 666 Insane since: Mar 2002	posted 03-25-2005 23:53 quote: Please ensure both the install/ and contrib/ directories are deleted
JKMabry Maniac (V) Inmate From: raht cheah Insane since: Aug 2000	posted 03-25-2005 23:57 phpBB runs a good security mailing list, you should definitely get on it if your board is indexed by search engines! a good looking up and coming BB is mybb, it's minimalistic but that could be a very good thing in my opinion
LaSun Paranoid (IV) Inmate From: deep inside my head Insane since: Sep 2001	posted 03-26-2005 01:42 i think the hacks are everywhere .. not just in phpBB2 ... just noticed some permissions (chmod) in my gallery were changed as well ... oh, and the upgrade for phpBB2 didn't fix the problem... could it be they got into the server? what now? <edit> trying not to panic </edit> (Edited by LaSun on 03-26-2005 01:50)
poi Paranoid (IV) Inmate From: France Insane since: Jun 2002	posted 03-26-2005 02:08 Yom-yom-yooom, ze boards. LaSun: Check in the admin panel of your board if the database is still ok, if there is a backup to restore or something like that. At worst, you'll have to re-install the board and clear the database.
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 03-26-2005 02:45 Wierd I get the correct HTML when I view the source. Something over my head is happening there. .:[ Never resist a perfect moment ]:.
reisio Bipolar (III) Inmate From: Florida Insane since: Mar 2005	posted 03-26-2005 04:03 You should contact the dotreg.com or onlinenic.com people and let them know illegalteam.com is up to some shadyness. They shouldn't be hosting something in a language they don't understand, anyways.
LaSun Paranoid (IV) Inmate From: deep inside my head Insane since: Sep 2001	posted 03-26-2005 04:41 okay. i've done my yoga and breathing exercises, so i think i've safely dodged the anxiety attack, hehe. the bastards have still got my forum, but i've backed up the database and upgraded the board. for some reason i can't get back into my admin panel (i'm working with the phpBB support forum to try and resolve that) so i can't tell yet whether my efforts will pay off. it just so happens, though, that i was just about to shift the site to a new domain and webhost. i might as well use that exercise as an opportunity to inspect all my files for anomalies. synax: you caught me mid-upgrade. no install/contrib there now. JKMabry: i had a quick look at mybb. may just be worth further investigation. thanks for that. reisio: i think i just might, though i've never come across such polite hackers. even left their url and email address. (Edited by LaSun on 03-26-2005 04:48)
reisio Bipolar (III) Inmate From: Florida Insane since: Mar 2005	posted 03-26-2005 13:05 there's like a neverending supply of such idiot script kiddies - even in far away countries, it seems

Topic awaiting preservation: i got hacked..\$

Author

Thread

LaSun
Paranoid (IV) Inmate

From: deep inside my head
Insane since: Sep 2001

posted 03-25-2005 23:05

.. by 'friendly' hackers .. apparently ...

anybody know where i should begin looking for this bug? (am also waiting on an email reply from the hackers.. hmmm...)

HZR
Bipolar (III) Inmate

From: Cold Sweden
Insane since: Jul 2002

posted 03-25-2005 23:13

Upgrade to the newest version of your forum software.

poi
Paranoid (IV) Inmate

From: France
Insane since: Jun 2002

posted 03-25-2005 23:17

Don't use PhpBB
It's famous, and whenever a security hole is disclosed, or if you don't keep it up to date, you can be sure some script kiddies will jump on you.

CPrompt
Maniac (V) Inmate

From: there...no..there.....
Insane since: May 2001

posted 03-25-2005 23:31

you're waiting on an email reply from the hackers........i don't think i would count on it

there were some issues with phpBB not long ago so they took the site down and redid phpBB from my uderstanding. I would certainly join the mailing list that way when a security issue is brought up, you can fix it right away with a patch.

there are a lot of hosts that wont even allow phpBB to be installed anymore. The last security hole was not really even their problem, it was a problem with php itself. They have it fix now though

Later,

C:\

LaSun
Paranoid (IV) Inmate

From: deep inside my head
Insane since: Sep 2001

posted 03-25-2005 23:43

quote:
...you can be sure some script kiddies will jump on you.

the bastards!

.. so i've downloaded patch files that will hopefully get things back to normal.

this'll teach me to stay on top of my maintenance chores. and maybe someday i'll get smart enough to work with more obscure forums than phpBB

synax
Maniac (V) Inmate

From: Cell 666
Insane since: Mar 2002

posted 03-25-2005 23:53

quote:
Please ensure both the install/ and contrib/ directories are deleted

JKMabry
Maniac (V) Inmate

From: raht cheah
Insane since: Aug 2000

posted 03-25-2005 23:57

phpBB runs a good security mailing list, you should definitely get on it if your board is indexed by search engines!

a good looking up and coming BB is mybb, it's minimalistic but that could be a very good thing in my opinion

LaSun
Paranoid (IV) Inmate

From: deep inside my head
Insane since: Sep 2001

posted 03-26-2005 01:42

i think the hacks are everywhere .. not just in phpBB2 ... just noticed some permissions (chmod) in my gallery were changed as well ...

oh, and the upgrade for phpBB2 didn't fix the problem...

could it be they got into the server? what now?

<edit> trying not to panic </edit>

(Edited by LaSun on 03-26-2005 01:50)

poi
Paranoid (IV) Inmate

From: France
Insane since: Jun 2002

posted 03-26-2005 02:08

Yom-yom-yooom, ze boards.

LaSun: Check in the admin panel of your board if the database is still ok, if there is a backup to restore or something like that. At worst, you'll have to re-install the board and clear the database.

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted 03-26-2005 02:45

Wierd I get the correct HTML when I view the source. Something over my head is happening there.

.:[ Never resist a perfect moment ]:.

reisio
Bipolar (III) Inmate

From: Florida
Insane since: Mar 2005

posted 03-26-2005 04:03

You should contact the dotreg.com or onlinenic.com people and let them know illegalteam.com is up to some shadyness. They shouldn't be hosting something in a language they don't understand, anyways.

LaSun
Paranoid (IV) Inmate

From: deep inside my head
Insane since: Sep 2001

posted 03-26-2005 04:41

okay. i've done my yoga and breathing exercises, so i think i've safely dodged the anxiety attack, hehe.

the bastards have still got my forum, but i've backed up the database and upgraded the board. for some reason i can't get back into my admin panel (i'm working with the phpBB support forum to try and resolve that) so i can't tell yet whether my efforts will pay off.

it just so happens, though, that i was just about to shift the site to a new domain and webhost. i might as well use that exercise as an opportunity to inspect all my files for anomalies.

synax: you caught me mid-upgrade. no install/contrib there now.

JKMabry: i had a quick look at mybb. may just be worth further investigation. thanks for that.

reisio: i think i just might, though i've never come across such polite hackers. even left their url and email address.

(Edited by LaSun on 03-26-2005 04:48)

reisio
Bipolar (III) Inmate

From: Florida
Insane since: Mar 2005

posted 03-26-2005 13:05

there's like a neverending supply of such idiot script kiddies - even in far away countries, it seems