Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page My board was hacked
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Page 2 of 3 1 2 3
 
Thread Tools Display Modes
  #11  
Old 09-24-2002, 07:23 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Heh sorry I wasnt really clear with that was I?

I have two account with my hosting service and through phpmyadmin I was able to edit my user account so that I was a admin and or mod.

There is nothing VB can really do about that.


So no version is really secure
Reply With Quote
  #12  
Old 09-24-2002, 07:38 PM
Steve Machol's Avatar
Steve Machol Steve Machol is offline
 
Join Date: Nov 2001
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
This is a problem with your phpMyAdmin password and/or hosting service. Of course if anyone gains direct access to the database they can do pretty much anything they want.
Reply With Quote
  #13  
Old 09-24-2002, 08:05 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Actually I have seen this problem with many hosting companies. Many of them are to lazy to make anything totally secure... like being able to gain root access.

I told them about it but they yelled at me and said I shouldnt be hacking....which makes sence but what is a "real" hacker comes along? o_O
Reply With Quote
  #14  
Old 09-24-2002, 09:47 PM
Steve Machol's Avatar
Steve Machol Steve Machol is offline
 
Join Date: Nov 2001
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally posted by Neo
I told them about it but they yelled at me and said I shouldnt be hacking....which makes sence but what is a "real" hacker comes along? o_O
Geez! Find yourself another hosting company fast!
Reply With Quote
  #15  
Old 09-24-2002, 10:50 PM
The Keeper The Keeper is offline
 
Join Date: Mar 2002
Posts: 123
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
OK I've heard things previously about someone coming to the forum and finding themselves logged in as another member.
Is it possible this person could have turned up to the forum and found himself logged in as a moderator because of his IP at teh time?
Reply With Quote
  #16  
Old 09-24-2002, 11:28 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
HEH this forum was just hacked and I believe it runs 2.2.7

http://www.animehorizons.com/forums/index.php?s=
Reply With Quote
  #17  
Old 09-24-2002, 11:39 PM
DrkFusion's Avatar
DrkFusion DrkFusion is offline
 
Join Date: Nov 2001
Posts: 1,926
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
the site too ^
Reply With Quote
  #18  
Old 09-25-2002, 12:30 AM
Steve Machol's Avatar
Steve Machol Steve Machol is offline
 
Join Date: Nov 2001
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
That entire site was hacked as DrkFusion points out. There is no way vB can protect itself from a hacked server.
Reply With Quote
  #19  
Old 09-25-2002, 01:22 AM
Freddie Bingham's Avatar
Freddie Bingham Freddie Bingham is offline
 
Join Date: Oct 2001
Posts: 506
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
... and adding hacks to your forum makes it much less secure. This is something that is overlooked by most. Turning register_globals off helps alot since that will solve most cases of sql injection and always use intval() and addslashes().
Reply With Quote
  #20  
Old 09-25-2002, 02:39 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Note that if you're on a shared server, you are basically in a lot of trouble. Dedicated servers tend to be more secure, for obvious reasons. Yeah, and do check the code of hacks you install. Some of holes larger than the black hole in the centre of this galaxy. I won't mention names... but some of these hacks have been installed by a lot of people.
Reply With Quote
Reply
Page 2 of 3 1 2 3

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 10:16 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05887 seconds
  • Memory Usage 2,240KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete