Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page My board was hacked
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 3 1 23
 
Thread Tools Display Modes
  #1  
Old 09-22-2002, 09:20 PM
The Keeper The Keeper is offline
 
Join Date: Mar 2002
Posts: 123
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default My board was hacked
I think my board was hacked. They didn't destroy anything on the forum - but one of my members posted a snapshot of a private (moderator) forum.
One of my moderators asked where he got the pic from, and his best friend (who is I think is also a vb owner and knows a lot about computers and security) replied:

Quote:
INSERT INTO moderator VALUES ('12', '231', '5', '0', '0', '1', '1', '1', '1', '1', '1', '0', '0', '0', '1', '0', '0', '1', '1');

EDIT: Though what does it matter? He has it etc...
Is it possible he's found a way to hack into the database?

I'm running 2.2.4
Reply With Quote
  #2  
Old 09-22-2002, 09:22 PM
NTLDR's Avatar
NTLDR NTLDR is offline
Coder
  
Join Date: Apr 2002
Location: Bristol, UK
Posts: 3,644
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thats the statement for adding a moderator, but unless he has a way to run queries on your DB its useless.
Reply With Quote
  #3  
Old 09-22-2002, 09:41 PM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
well you should really upgrade to vb227 there are some security fixes in it...
Reply With Quote
  #4  
Old 09-23-2002, 01:55 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
2.2.4 is not secure. Upgrade to 2.2.7.
Reply With Quote
  #5  
Old 09-24-2002, 08:58 AM
The Keeper The Keeper is offline
 
Join Date: Mar 2002
Posts: 123
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I've upgraded now, but I need advice on what to do with such a member? I really have no proof he hacked, but I do know he posted a pic of something he shouldn't have access to.
Reply With Quote
  #6  
Old 09-24-2002, 09:00 AM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
well i'd show him the yellow card.....
Reply With Quote
  #7  
Old 09-24-2002, 10:30 AM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
2.2.7 isnt secure. I hacked my 2.2.7 board a few times and got access to the admin area.
Reply With Quote
  #8  
Old 09-24-2002, 10:32 AM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
i hope you've told this infos to the developers
Reply With Quote
  #9  
Old 09-24-2002, 12:25 PM
The Keeper The Keeper is offline
 
Join Date: Mar 2002
Posts: 123
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
This is dissapointing to know.
Do you guys have any idea how this hacking on my forum may have happened?? Through admin area? I am led to believe he was able to procure other data from the database including IP addresses.

If it was through the admin area, I've now passworded that directory, hopefully that will stifle attempts, but if he has my admin password, then what's the point anyway

Is there anything I can do about this, like report it to some authority, if I'm able to collect evidence?
Reply With Quote
  #10  
Old 09-24-2002, 04:54 PM
Steve Machol's Avatar
Steve Machol Steve Machol is offline
 
Join Date: Nov 2001
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally posted by Neo
2.2.7 isnt secure. I hacked my 2.2.7 board a few times and got access to the admin area.
If you have evidence of this then please send it to support@vbulletin.com. Include the exact steps you are using to hack your 2.2.7 forum.
Reply With Quote
Reply
Page 1 of 3 1 23

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:36 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04382 seconds
  • Memory Usage 2,248KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete