Hacked again!

Post your feedback, thoughts, questions and ideas on the main site here.
anna
Site Admin
Posts: 1843
Joined: 06 Mar 2006, 22:42
Location: European Union

Post by anna »

The forum has been hacked again.

If you have logged in and only received a blank page your password might have been compromised. (This is unclear but expect the worst.) Please change your password to a new one without any delay.

Some parts of the forum might still not work. I am working on fixing it but I really do not understand how these things work. (Somehow someone thinks that it is fun to hack a forum run by someone who is defenseless and knows nothing about how things work.) Please let me know if you find something broken.

Sorry about the inconvenience. :cry:
ponylady
Moderator
Posts: 3827
Joined: 26 Dec 2007, 20:52
Location: germany

Post by ponylady »

well, i noticed that stuff.

in fact, there were at least 2 "guys" slugging it out.

verzeih.com was the 1st one i noticed to change the login-script.
afterwards orentraff.cn overwrote & changed the script.
Nuclearo
*
Posts: 23
Joined: 30 Jun 2008, 17:30

Post by Nuclearo »

I tried to change the password but apparently I can't remember it correctly (damn autocomplete), so I used "Forgot my password" to reset it, but I get the following error:

General Error

Could not find email template file :: user_activate_passwd

DEBUG MODE

Line : 111
File : emailer.php

It seems like they were smart enough to change the password recovery too. What should I do now?
Why choose when you can combine?
anna
Site Admin
Posts: 1843
Joined: 06 Mar 2006, 22:42
Location: European Union

Post by anna »

I am working on this problem and I was hoping no one would need that function until I had it sorted. Stay tuned... :?
tester
*
Posts: 2
Joined: 07 Mar 2006, 09:43

Post by tester »

Try it now.
Nuclearo
*
Posts: 23
Joined: 30 Jun 2008, 17:30

Post by Nuclearo »

Done. Thanks!
anna
Site Admin
Posts: 1843
Joined: 06 Mar 2006, 22:42
Location: European Union

Post by anna »

If someone finds that her/his avatar is suddenly missing then please upload it again. Sorry about that. :oops:
Mc_ntk
**
Posts: 159
Joined: 21 Jul 2007, 06:57
Location: B.C. Canada

Post by Mc_ntk »

Anna, I came back from the crypt just to tell you to disable the signatures people have until you update phpBB. It's the most common way to cross-site script (XSS).
Hope things get back to normal.
anna
Site Admin
Posts: 1843
Joined: 06 Mar 2006, 22:42
Location: European Union

Post by anna »

Mc_ntk:
Please read PM.

Everyone:
Please all update your passwords. There is no guarantee that the hackers have not gotten access to the current ones even if you have not been logging in during the hack. Changing passwords regularly is a good thing to do no matter what. The script mentioned above works perfectly. (It was never hacked, it was just messed up by me.)
cdinbonds
*****
Posts: 2391
Joined: 08 Apr 2006, 21:12
Location: South Central Washington

Post by cdinbonds »

Did something happen to the PM part of the forum? I have tried to reply to a PM that came just before the last attack, and both messages I have tried to send seem to be stuck in the outbox. If they were sent they should be in the sentbox. When I wrote them, I hit the send button, and after a few seconds the "Your message has been sent" message popped up, so I thought they had gone, but they are still in the outbox.
There's a fine line between cuddling and holding someone down so they can't get away.
The beatings will continue until morale improves.
Do not meddle in the affairs of dragons - for you are crunchy and good with ketchup.
ken1985
*
Posts: 28
Joined: 22 Mar 2006, 16:33

Post by ken1985 »

Just a question: wouldn't it be better to upgrade to phpBB 3.0.2?

It seems like this forum is still using phpBB 2.0, which has some
known exploits in older versions...
Dominion
*
Posts: 31
Joined: 30 Sep 2008, 02:55

Post by Dominion »

I was about to post the same thing as Ken. It would probably be more secure, although you'd have to spend a little more time (as would everyone) learning the new system.

If you'd like to upgrade I don't know how your backend works but I'd recommend setting up a subdomain like test.boundanna.net and copying over your databases and files. Upgrade the test domain, let a few people know when you're doing this so they can help you beta test it. Do this for a couple weeks and then make it live by upgrading the main site.

Once you have determined what bugs need fixing and have smoothed out some of the wrinkles in the test site you can make the new launch on the main site much smoother with possibly only a day or so of downtime.

If you need any help in this matter let me know, I've been working with personal sites and friends etc in one way or another for years. I'm pretty good at this web stuff ;)

Edit: Actually after I posted this I decided to run a test on my own personal webserver. I want to familiarize myself with this and see what it's like. PHPBB2 vs. 3
anna
Site Admin
Posts: 1843
Joined: 06 Mar 2006, 22:42
Location: European Union

Post by anna »

cdinbonds wrote: "Did something happen to the PM part of the forum? I have tried to reply to a PM that came just before the last attack, and both messages I have tried to send seem to be stuck in the outbox. If they were sent they should be in the sentbox."

No, the PM function was not affected. When you send a PM it appears in the outbox until it has been read by the receiver. It is moved to the sentbox when the receiver has read it.

ken1985 wrote: "Just a question: wouldn't it be better to upgrade to phpBB 3.0.2? It seems like this forum is still using phpBB 2.0, which has some known exploits in older versions..."

An update to PHPBB3 is planned but no date has been set yet. The current forum is as safe as a PHPBB2 forum can be. No hackings have been done from within the forum. The hackers have gained access by other means and that should have been fixed now.

Dominion wrote: "If you need any help in this matter let me know, I've been working with personal sites and friends etc in one way or another for years. I'm pretty good at this web stuff ;)"

Thanks, I remember that when/if things do not work out. :wink:
cdinbonds
*****
Posts: 2391
Joined: 08 Apr 2006, 21:12
Location: South Central Washington

Post by cdinbonds »

OK, thanks Anna! :D