Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 07-15-2004, 09:18 AM
MindTrix's Avatar
MindTrix MindTrix is offline
 
Join Date: Apr 2002
Location: United Kingdom
Posts: 1,833
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Hacking message board?

I always see posts about peoples message boards beeing hacked into and deleted. I dont want to know how to do it obviously that doesnt interest me, just more or less why it happens. I mean, i know someone who goes around bragging he hacks and deletes boards, and he registered at my forums and got an instant ban etc. But can he really hack and delete my board? Or does this usualy only happen when u let people have admin access or ftp info?

Just wondering thats all :surprised:
Reply With Quote
  #2  
Old 07-15-2004, 09:25 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well there are vulnrabilities in older versions of vB but right now it's pretty secure so I doubt anyone will be able to hack their way in
Reply With Quote
  #3  
Old 07-15-2004, 09:26 AM
Zero Tolerance's Avatar
Zero Tolerance Zero Tolerance is offline
 
Join Date: Feb 2004
Location: England
Posts: 813
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

My site got hacked a couple of months ago, this was using httpd, he managed to upload install.php into my install/ directory, and authenticate.php (so the member number required to access to install could be whatever he wanted). Upon doing so he did a fresh installation of my forum, about 1000 members, 20,000 posts wiped. To stop this been repeated i simple deleted the install/ directory.

Why he/her did it? Not a clue, pissed me off a great deal too. But to them it's just fun over and over to see forum's crumble at there handy work.

Quite sad id say, those people need attention, fast.

- Zero Tolerance
Reply With Quote
  #4  
Old 07-15-2004, 09:33 AM
MindTrix's Avatar
MindTrix MindTrix is offline
 
Join Date: Apr 2002
Location: United Kingdom
Posts: 1,833
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So people cannot hack into your forums unless they have like admin access or ftp access?
Reply With Quote
  #5  
Old 07-15-2004, 09:35 AM
Zero Tolerance's Avatar
Zero Tolerance Zero Tolerance is offline
 
Join Date: Feb 2004
Location: England
Posts: 813
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, the guy who hacked me had no access to my site or ftp, he used a form of hacking known as httpd, that's all i know. He used a browser to uplaod a script to my site...

But this method cannot add folders, so by deleting the folder the process couldn't be repeated.

- Zero Tolerance
Reply With Quote
  #6  
Old 07-15-2004, 09:41 AM
MindTrix's Avatar
MindTrix MindTrix is offline
 
Join Date: Apr 2002
Location: United Kingdom
Posts: 1,833
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So i can delete INSTALL folder safely and it wont mess up vbulletin? and then i will be safer from attacks?
Reply With Quote
  #7  
Old 07-15-2004, 09:52 AM
Zero Tolerance's Avatar
Zero Tolerance Zero Tolerance is offline
 
Join Date: Feb 2004
Location: England
Posts: 813
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I would greatly advise it, it will stop the method of hacking that happened to me, and i wouldn't want it to happen to anyone else.

- Zero Tolerance
Reply With Quote
  #8  
Old 07-15-2004, 09:53 AM
MindTrix's Avatar
MindTrix MindTrix is offline
 
Join Date: Apr 2002
Location: United Kingdom
Posts: 1,833
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok ill do it now then ( or just rename it ) oh check your pms pleaseee
Reply With Quote
  #9  
Old 07-15-2004, 11:09 AM
Tony G's Avatar
Tony G Tony G is offline
 
Join Date: Nov 2001
Location: Melbourne, Australia
Posts: 8,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Zero Tolerance
My site got hacked a couple of months ago, this was using httpd, he managed to upload install.php into my install/ directory, and authenticate.php (so the member number required to access to install could be whatever he wanted). Upon doing so he did a fresh installation of my forum, about 1000 members, 20,000 posts wiped. To stop this been repeated i simple deleted the install/ directory.

Why he/her did it? Not a clue, pissed me off a great deal too. But to them it's just fun over and over to see forum's crumble at there handy work.

Quite sad id say, those people need attention, fast.

- Zero Tolerance
If the reason for hacking a forum isn't for revenge or hate, it usually is just the type of hacker that finds fun in watching sites and forums crumble and break down. Those people, they need lives.
Reply With Quote
  #10  
Old 07-15-2004, 05:56 PM
FleaBag's Avatar
FleaBag FleaBag is offline
 
Join Date: Dec 2001
Posts: 1,674
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I run a local community music board [which I think is now the biggest in my country], but alas there are many 'rivals' - I try to keep as up to date as possible. Two of my 'rivals' have recently been hacked... One was running Inivison and was completely wiped - I noticed two days ago that another using PHPBB as a Nuke module has been hacked, it seems, by a 'muslim activist' - I say that in quotes because obviously I have no idea who actually did it, but there was lots of anti Jewish/American and pro Palastinian/Muslim info on there. Obviously a site in Wales about rock music has nothing to do with this cause, it seems people don't even need a reason to hack you.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:19 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07453 seconds
  • Memory Usage 2,255KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete