Jump to content

I Got Hacked!

- - - - -
Started by Xav, Nov 06 2008 01:09 PM

This topic has been archived. This means that you cannot reply to this topic.
110 replies to this topic

#1
Xav
Posted 06 November 2008 - 01:09 PM

Xav

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 13,118 posts
I was very surprised when I logged in to my Warning! This site has been hacked. • Index page phpBB3 forum today. Every forum name had been replaced with "you have been hacked" and so on. The hacker seems to have used a moderator's user account (who does not have permissions to edit forum names) to change the details and then delete the log, removing all traces of him.

Now, what I want to ask is: how did the hacker do this, and how can I stop it from happening again? I am the only one (so I thought) with permissions to edit forums, and my password is complex.
Jordan said:

Good members, like yourself, stick around and post for ages to come!
Mr. Xav | Blog | Forums

#2
Guest_Jordan_*
Posted 06 November 2008 - 01:32 PM

Guest_Jordan_*
  • Guests
Do you have an updated version? Is there any security flaws in the version you are running?

#3
John
Posted 06 November 2008 - 01:51 PM

John

    Writes binary right handed and hex left handed

  • Moderators
  • 6,321 posts
Do you have an easy to guess password?
Compiled Thoughts

#4
chili5
Posted 06 November 2008 - 06:00 PM

chili5

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 7,248 posts
Check for an updated version of phpbb that might be more secure?

Any chance did you write your password down somewhere?

#5
Brandon W
Posted 07 November 2008 - 04:02 AM

Brandon W

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 4,828 posts
He said that his password is very complex so I don't think it would be guessed or used a script to test a lit of passwords.

Make security holes in phpBB?
jQuery Selectors Tutorial - jQuery Striped Table tutorial - jQuery Events - jQuery Validation

Sorry if I don't post as often as I did, I'll try to get here as much as possible! I'm working my bum off to get this scholarship and other stuff!

#6
antoniyo
Posted 07 November 2008 - 04:58 AM

antoniyo

    Learning Programmer

  • Members
  • PipPipPip
  • 54 posts
What was your password. try again by using that password or use some smiler password as if you forgot password...it may be possible?? i am sure if your password were complexity you can't hacked.
Website development | free web templates

#7
Brandon W
Posted 07 November 2008 - 05:16 AM

Brandon W

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 4,828 posts
Security leeks.
jQuery Selectors Tutorial - jQuery Striped Table tutorial - jQuery Events - jQuery Validation

Sorry if I don't post as often as I did, I'll try to get here as much as possible! I'm working my bum off to get this scholarship and other stuff!

#8
Xav
Posted 07 November 2008 - 11:11 AM

Xav

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 13,118 posts

Jordan said:

Do you have an updated version? Is there any security flaws in the version you are running?
First question: yes. Second question: no.

John said:

Do you have an easy to guess password?
No.

chili5 said:

Check for an updated version of phpbb that might be more secure?
Any chance did you write your password down somewhere?
No.
Jordan said:

Good members, like yourself, stick around and post for ages to come!
Mr. Xav | Blog | Forums

#9
Xav
Posted 07 November 2008 - 11:14 AM

Xav

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 13,118 posts
Issue Fixed

OK, here was the problem. It is phpBB's permissions settings (I know how much you hate them John).

Basically, phpBB has separate permissions for groups, users, moderators, and individual forums. It gets so confusing. What happened was: I allowed a certain action for a member, but it ended up giving the user full admin permissions. He took advantage of this and edited the forum names/title.

The "hacker" turned out to be my good friend from school, playing a joke. Yawn.
Jordan said:

Good members, like yourself, stick around and post for ages to come!
Mr. Xav | Blog | Forums

#10
John
Posted 07 November 2008 - 11:58 AM

John

    Writes binary right handed and hex left handed

  • Moderators
  • 6,321 posts
Some friend he is... :?
Compiled Thoughts

#11
Xav
Posted 07 November 2008 - 12:03 PM

Xav

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 13,118 posts
I have been assured it was just a joke, and he was planning on changing them back.
Jordan said:

Good members, like yourself, stick around and post for ages to come!
Mr. Xav | Blog | Forums

#12
Brandon W
Posted 07 November 2008 - 12:48 PM

Brandon W

    Writes binary right handed and hex left handed

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 4,828 posts
LOL :D
jQuery Selectors Tutorial - jQuery Striped Table tutorial - jQuery Events - jQuery Validation

Sorry if I don't post as often as I did, I'll try to get here as much as possible! I'm working my bum off to get this scholarship and other stuff!

Back to Website Design




  1. CODECALL Programming Forum
  2. Web Development Forum
  3. Website Design
IPB skins by Skinbox