vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   My Board was HACKED Twice today!! (https://vborg.vbsupport.ru/showthread.php?t=53114)

tpearl5 05-19-2003 06:52 AM
My Board was HACKED Twice today!!
 
To my surprise at about 5:30 today someone gained access to one of my admin's accounts. They edited my account so I wasn't an admin anymore. I quickly edited the database and made myself an admin again. I changed some things back that the hacker messed with. (my advertising banners, and site name) At this point I had to go to work.

When I got home from work at about 1am my other admin's name was taken, and the same was done as before. He put 'their' banner on the top of the page both times and said "LHK Ownz" or something. I changed everything back again and added some heavier security this time. Also got some IP's of the names. One looks like a proxy and the other is an AOL IP.

This was the banner he displayed on my site:
http://www.angelfire.com/ca6/monkeeyz/lhk.jpg

So how could two seperate accounts be compromised? I'm running v 2.2.8 so all passwords are encrypted. They did not gain access to the backend of the site or the database itself. Just the vB control panel.

:ermm:

Can anyone offer a little insite as to where the security breech could be?

majin gotenks 05-19-2003 07:47 AM
maybe bruteforce? or do you have another admin or two? they may know one of their passwords.
BTW what a lame name leet hackers krew :|

Talisman 05-19-2003 08:05 AM
But...

If they knew the password for a third admin's account and they used that to gain access to the ACP, this still wouldn't let them get the password to tpearl5's primary and backup admin accounts.

I gather he's already checked the adminlog, so he knows which admin accounts the hacker[s] used to log in.

Chris M 05-19-2003 08:50 AM
Not to sound off my own hacks, but I have a few vB security hacks you could install, to try and prevent this;):)

Satan

Erwin 05-19-2003 09:56 AM
Very odd. Make sure you disable all other admin accounts, and that getadmin.php is not anywhere on your server.

Tony G 05-19-2003 11:19 AM
Best thing to do is maybe keep yourself an admin only, as you can just re-admin yourself via the database. This can limit the access if they've cracked one of your admins accounts passwords?

That probably didn't make sense. =/

Bison 05-19-2003 11:44 AM
Passwords are a killer ... sometimes member join other forums and use the same passwords from another. This looks like the case with your forum. If remembering passwords are a pain in the butt for some of you, here's a free program that I reccommnd to all of my members (RoBo Form): http://fileforum.betanews.com/detail...fid=1014298205

Also, one of the guys in the Full Release Section created a very nice password changer hack that requires all members to change their passwords after a period you can define. You don't have to have all members change then, but you can make it a requrement for your staff to change their passwords.

For added saftey, it would be best to make it so that each password contains numbers and letters, and require that they are at least 6 characters. :)

filburt1 05-19-2003 01:44 PM
Yet another fact to enforce the rule that you should never have another administrator :)

Chris M 05-19-2003 05:11 PM
Indeed:)

Chris

Tigga 05-19-2003 05:33 PM
Quote:
Today at 10:44 AM filburt1 said this in Post #8
Yet another fact to enforce the rule that you should never have another administrator :)
Agreed. I have 2 other admins on my site, but once vB3 is out, they will be cut down to mods. ;)

Chris M 05-19-2003 05:36 PM
I am the only Administrator, but I have one Co-Admin (Arunan), and soon to be another Co-Admin, my current SuperMod cillianok:)

As a rule, 1 guy in charge works better;)

Satan

filburt1 05-19-2003 05:37 PM
Also, perpetually be up to date on vB versions and never install a hack unless you absolutely need it. :)

Dean C 05-19-2003 05:40 PM
.htaccess the admin cp dir :)

- miSt

Bison 05-19-2003 07:48 PM
You can have all of the admins you want ... just be smart about the way you administer your passwords. Change them often ... that's the trick.

Talisman 05-20-2003 04:07 AM
So there's no other way to get in? The only possibility is by using an admin password?

PixelFx 05-20-2003 09:30 AM
get avg anti-virus and make sure there isn't a trojen sitting on your system.

Tony G 05-20-2003 11:10 AM
Quote:
Today at 12:44 AM filburt1 said this in Post #8
Yet another fact to enforce the rule that you should never have another administrator :)
I would have disagreed with you a few months ago but I've learnt my lesson.

Erwin 05-21-2003 12:20 PM
I have 8 other Senior Admins, but they have a very restricted Admin CP, and cannot add or remove other Admins. I am in my own Founder usergroup, with full privileges. Also, .htaccess password-protect the admin directory like someone else said.

Chris M 05-21-2003 03:18 PM
Quote:
Today at 02:20 PM Erwin said this in Post #18
I have 8 other Senior Admins, but they have a very restricted Admin CP, and cannot add or remove other Admins. I am in my own Founder usergroup, with full privileges. Also, .htaccess password-protect the admin directory like someone else said.
Same kind of thing as me (hence my Lesser Admin CP hack);):p

Besides - Your board isn't hellsatan-proof Erwin;):p

Satan

futureal 05-21-2003 08:37 PM
I have other 3 other admins on each of my sites, all of whom are people I know in real life and see on a regular basis.

On the off chance that someone got into my sites like that, I still don't worry about it, since everything is backed up to tape drives on a nightly cycle. The worst thing that could ever happen is a loss of 23 hours worth of data, if a hack occured right before the nightly backup. :)


All times are GMT. The time now is 09:28 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01166 seconds
  • Memory Usage 1,754KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (20)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete