Jul 26, 2008

Phpbb Hackers - LOL
Free Web Hosting, No Ads > CONTRIBUTE > Computers > Computer Security Issues & Exploits
Pages: 1, 2, 3

free web hosting

Phpbb Hackers - LOL

krap
Mar 10 2005, 04:23 PM
I got an email today:

The following is an email sent to you by an administrator of "KORUPTION OWNZ YOUR S****Y SITE". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:

korupted@korupted.com

Include this full email (particularly the headers).

Message sent to you follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dear members. Your petty website has been hacked. The hacker's name is Koruption. Next time dont use a outdated verison of phpbb b***hes

So im a bit pissed off and check my forum at http://krap.trap17.com/forum
Everythings fine. Nothing different at all. Bit stupid sending me that email when they didnt even hack it.......

Reply

NilsC
Mar 10 2005, 04:51 PM
I moved it here because this is a security issue, not php progrEven though the fix is php programming.

So everyone make sure you have latest version and check your log files smile.gif

Nils

Reply

Rik©
Mar 10 2005, 07:02 PM
QUOTE(krap @ Mar 10 2005, 06:23 PM)
I got an email today:
[font=Courier]
...Everythings fine. Nothing different at all. Bit stupid sending me that email when they didnt even hack it.......
*



Check if you still got admin rights and that no admin has been added and update to latest version (2.0.13)
For extra security of your phpBB2 board you can download the phpbb-security mod/hack by aUsTiN --> phpbb-tweaks.com

Greetz,
Rik©

Reply

haron
Mar 11 2005, 10:26 AM
They are not hackers, they are LAMERS, script kiddies. mad.gif

Reply

CodeName_88
Mar 11 2005, 12:39 PM
I think he meant that they sent him this email not even from the board address, but just kind of as a prank..

but if it did come from the site/board address.. then you may very well have been hacked, and as everyone else said, check your logs, update.. and make sure no admins(or mods!) have been added. i would say check the privledges of the last 20 new members or so.

Reply

L3athle
Mar 11 2005, 09:38 PM
Yeah i remember this whenever i went to the phppb homepage it said it had been hacked by a groop of hackers.
Is the site fixed yet?

Reply

bureX
Mar 13 2005, 12:55 AM
Like Haron said, we are dealing with nothing more than script kiddies here.

I mean... What kind of a lame person actually sends an email to the owner of the site that he is trying to "hack"???

Anyway, I can still see that you are using phpBB 2.0.11.
I RECOMMEND that you upgrade to 2.0.13 as soon as possible!
(Trap17 cPanel does not offer it yet, but you can download the changed files from www.phpbb.com, and replace the old ones in no time, like I did on my forum: http://forum.suwifi.trap17.com).

The newer versions have an updating system, so when you log in to your administrator panel, phpBB will automatically check for newer versions available.

I repeat: Anybody that knows how to use a DOS command prompt, can run an phpBB exploit and gain administrator rights on your forum!

Of course, you should backup your forum database regularly.

Reply

OwrLam
Mar 17 2005, 05:13 PM
For instance if begin the problems, that forum it is necessary to update! PHPbb over and over again broke and without letters!

Reply

krap
Mar 17 2005, 05:15 PM
im not really bothered with that. ive only got 28 members.
Im sure anyone who hacks it is really sad as it's such a small site so they would earn no "respect" for it..
If someone hacked Google for instance they would be known as a hacking god among hackers(or a w**ker among me and loads of other people tongue.gif )
But for my site I dont think the same thing would happen.
I'm sure they would rather hack a busy site and cause disruption..

I cant be bothered to change to 2.13 or whatever it was- it probably has security holes so when someone finds them I'll need to upgrade again.
laugh.gif@php releasing two releases in two days.

Reply

bureX
Mar 17 2005, 11:02 PM
Even with 28 registered users, you shouldn't give some ultra-lamer the pleasure of laming your forum. One user tried to do the same thing when I deleted his post containing some very offensive material on my forum. He tried to use the phpBB exploit that I mentioned, and failed because I upgraded to 2.0.13 already laugh.gif .

Anyway, I hope that the 2.0.13 version is the last security upgrade version, because the phpBB developer team is working hard to release a new version with a bunch of new features, and I would hate to see them be busy with releasing new patches for security holes instead...

Reply

Latest Entries

75rLs3U4
Aug 11 2007, 11:22 PM
I saw something alike in a website with xoops, some stupid kiddie of Arabia changes the index.php and put a weird page about Palestina and stuff antiUSA.

Always is good to read about the cms and security alerts to avoid to be victim of this kind of people, because is very easy to write a script to inject in them and take control of the site.

Also, exists a lot of mods, hacks and other stuff related to the cms to protect of script and sql injections. It's a must to always check if they exists and to install to have a safer website.

Reply

Kioku
Dec 23 2006, 05:11 AM
That story is pretty hilarious. Hack threats are usually fake, as I like to point out. I don't know anybody who should take them seriously. Usually, nobody over the age of 13 is throwing them around. They usually have "leetspeak" names and stuff.

Reply

Voidless_Shadows
Sep 3 2006, 03:53 AM
I haven't seen a major PhpBB exploit in ages...

Reply

spieleforum
Sep 1 2006, 09:15 PM
yes i saw many hacked phpbb forums it isnt funny animore

Reply

garbage
Aug 8 2006, 03:36 AM
wow that sucks, im glad i just updated my version to the latest

Reply


Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

(Maximum characters: 10,000)
You have characters left.
Confirm Code:

Pages: 1, 2, 3
Recent Queries:-
  1. hack phpbb 2.0.16 - 25.19 hr back. (1)
  2. hacker du phpbb 2.0.16 - 41.12 hr back. (1)
  3. phpbb gain admin hack - 50.48 hr back. (1)
  4. remove exploit-phpbb.b - 61.27 hr back. (1)
  5. phpbb2 gain admin rights - 66.90 hr back. (1)
  6. hack phpbb database - 117.71 hr back. (1)
  7. exploit-phpbb.b - 105.18 hr back. (2)
  8. hack phpbb 2.0.13 - 162.74 hr back. (1)
Similar Topics

Keywords : phpbb, hackers

  1. Hackers Hijack A Half-million Sites: Phpbb Forum Users Must Read
    (8)
  2. Hackers Focus Efforts On Firefox, Safari, And Office
    (1)
    QUOTE Many people are switching from Internet Explorer to alternative browsers such as Firefox
    and Safari. Though that might make them feel more secure, the shift has also opened new doors for
    bad guys. Case in point: We have no IE bugs to report this month, but both Firefox and Safari have
    been hit hard. So forget the idea that just because you've switched to a new browser,
    you're magically safer. You may be for a time, but to stay safe with any software, you need to
    keep current with fixes. Firefox Holes In a somewhat dubious recognition of Firefox's....
  3. Microsoft Update Program Being Used By Hackers
    (6)
    Although I am bit surprise that no one really take about way back then, but it seems the hackers and
    crackers I starting to use the microsoft update downloading to transmit there malware and torjans to
    compromised computers. The reason being is that the Microsoft update program bypasses firewall
    security protocals and so when that malware is getting download, your firewall and virus programs
    will not pick it up. I know a few people turn it off and either download them manually or don't
    download them at all. So to toss out a warning, when you get he windows update ....
  4. Spammers, Hackers Seize On Virginia Tech Shootings
    (3)
    Ok to me I consider the sickest form of human idiots ever, bad enough you have some people mocking
    the shooter but now you got people using spam and hacking computers by using the Virginia Tech
    shootings, This person should be found and beating for using a tragic event like this and trying to
    profit from it. The spam/hack goes like this QUOTE If clicked, the link caused a computer to
    automatically download a malicious screensaver, called TERROR_EM_VIRGINIA.scr by Sophos, which
    installs a Trojan horse program that collects banking details, Cluley said. It was a....
  5. Myspace Has A Team Of Hackers
    (7)
    I found this to be very interesting, a group of hackers routinly attack Myspace to find flaws and it
    looks like they have already started finding them /laugh.gif" style="vertical-align:middle"
    emoid=":lol:" border="0" alt="laugh.gif" /> I find it funny that they actually told Myspace that
    they were going to do this, although I doubt they could find them anyways. /laugh.gif"
    style="vertical-align:middle" emoid=":lol:" border="0" alt="laugh.gif" /> But again they already
    found one which has to do with the url set up of which I won't post because of the legality o....
  6. Phpbb 2.0.18
    Released on the 31st (12)
    To anyone out there using phpBB, the next release has been sent out. Report:
    http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756 Download:
    http://www.phpbb.com/downloads.php Additional Download for the Changed Files Only:
    http://www.phpbb.com/files/releases/change...8_repackage.zip I found an error! One of the
    reports was made by myself. Even though it was not a bug, it was about the cosmetic display on the
    index page concerning the subSilver template. As people may have noticed, the ''Mark all
    forums read'' is displayed before you even....
  7. [exploit] Phpbb <=2.0.12 Vulnerability.
    How to be Admin on phpBB in Simple steps (2)
    Another vulnerability in PHPbb based forums that can be used to easily gain any user level access to
    the forum. Even the admin account is not not secure with the default setup. Click Here for more
    details about -"How to be Admin on phpBB in Simple steps!" And here is the Homepage of
    PHPbb and click here to download the latest version.....
  8. [exploit] Phpbb 2.0.15 "viewtopic.php"
    Remote PHP Code Execution Exploit (3)
    phpBB 2.0.15 "viewtopic.php" Remote PHP Code Execution Exploit #!/usr/bin/pyth0n print
    "\nphpBB 2.0.15 arbitrary command execution eXploit" print " 2005 by rattle@awarenetwork.org"
    print " well, just because there is none." import sys from urllib2 import Request, urlopen from
    urlparse import urlparse, urlunparse from urllib import quote as quote_plus INITTAG = ' '
    ENDTAG = ' ' def makecmd(cmd): return reduce(lambda x,y: x+'.chr(%d)'%ord(y),cmd
    ,'chr(%d)'%ord(cmd )) _ex = "%sviewtopic.php?t=%s&highlight=%%27." _ex += ....
  9. And Again A New Phpbb
    phpBB 2.0.17 (17)
    Again got me a nice email from phpBB group...: QUOTE Hi everyone, phpBB Group announces the
    release of phpBB 2.0.17, the "no, we did not forget naming it last time" release. This release
    addresses several bugfixes and some low security issues as well as the recently seemingly
    wide-spread XSS issue (only affecting Internet Explorer). Please have a look down this announcement
    for the code changes necessary to fix the XSS issue, we are again astounded about the energy people
    put into finding the smallest issue in phpBB 2.0.x, those must have a lot of time available. ....
  10. Phpbb 2.0.16 Is Out!
    A new version again... (8)
    PhpBB, one of the most popular PHP based forums is here out in the form of a new version - 2.0.16. A
    few critical issues were corrected, but other than that, nothing special... Still waiting for
    Olympus /sad.gif' border='0' style='vertical-align:middle' alt='sad.gif' /> QUOTE Hi
    everyone, phpBB Group announces the release of phpBB 2.0.16. This release addresses some bugfixes
    and one critical security issue. To fix this, please apply the following change: In viewtopic.php
    Find: CODE $message = str_replace('"', '"', substr....
  11. Phpbb Upload Script "up.php" Arbitrary File Upload
    (0)
    To: BugTraq Subject: phpBB Upload Script "up.php" Arbitrary File Upload Date: Apr 8 2005 2:21AM
    Author: Status-x Message-ID:
    ##################################################################### Advisory #1 "phpBB Upload
    Script "up.php" Arbitrary File Upload" $ Author: Status-x $ Contact: phr4xz gmail com -
    status-x hackersoft net $ Date: 7 April 2005 $ Website: http://defacers.com.mx $
    Original Advisory: http://www.defacers.com.mx/advisories/2.txt $ Risk: High $ Vendor
    URL: http://phpbb.com $ Affected Software: phpB....
  12. Phpbb 2.0.15 Is Out!
    (15)
    phpBB 2.0.15 is out! It has a few bugfixes and improved security features. Don't wait to be
    a victim of an exploit! You can download it from here: http://www.phpbb.com/downloads.php
    Here is the notification e-mail that I have received: QUOTE("The phpBB team") Hi everyone,
    phpBB Group announces the release of phpBB 2.0.15, the "summer needs to be hot" release. This
    release addresses some bugfixes and addressing some security issues, one being serious. With this
    release the admin re-authentication security feature from phpBB Olympus has been backported....
  13. Bugs Found In Phpbb 2.0.13
    PhpBB 2.0.14 released to fix them (8)
    Recently, a few exploits were made for phpBB 2.0.13 (like this one):
    http://lists.virus.org/bugtraq-0503/msg00109.html And some bugs were noticed as well (like this
    one): http://www.addict3d.org/index.php?page=vie...ecurity&ID=3563 And so, the phpBB team has
    released a new version of phpBB - 2.0.14. Here is the e-mail that I have received from their mailing
    list: QUOTE(phpBB list) Hi everyone, phpBB Group announces the release of phpBB 2.0.14, the "We
    know we are (not) furry" edition. This release addresses some bugfixes as well as fixing some minor
    non-critic....
  14. Phpbb Exploit
    (17)
    Recently, an exploit has been found out that allows people to use their cookies to gain access to
    the ACP. And Firefox assists with it /ohmy.gif' border='0' style='vertical-align:middle'
    alt='ohmy.gif' /> ! Basically what happens that is when you visitthe phpBB forum, it logs a
    cookie containing your Session ID (Basically who and when you are). What it does, after much
    decoding and encoding, is allows you to replace your SID with the admin's, thus enabling them to
    gain access. To fix this, upgrade to the latest version of phpBB, 2.0.13. Dun dun dunnnnn! B....
  15. Phpbb Exploit
    PhbBB exploits unleashed! (4)
    /laugh.gif' border='0' style='vertical-align:middle' alt='laugh.gif' /> hello Oh
    !!!!! agian PHPBB exploits & bugs phpbb team must /laugh.gif' border='0'
    style='vertical-align:middle' alt='laugh.gif' /> dead check here
    http://k-otik.com/exploits/20050228.phpbbsession.c.php /wink.gif' border='0'
    style='vertical-align:middle' alt='wink.gif' /> for more security use IPB OR VBULLETIN
    /unsure.gif' border='0' style='vertical-align:middle' alt='unsure.gif' /> Thanks Best REgars ,
    liridonahm EDIT : PHPBB EXPLOITS, Trap17 is not responsible ....


      16. Looking for phpbb, hackers

Searching Video's for phpbb, hackers
advertisement



Phpbb Hackers - LOL



 

 

 

 

ADD REPLY / Got an Opinion! Remove these ADs! RAPID SEARCH! Free Web Hosting [X]
Express your Opinions, Thoughts or Contribute more info. to help others.
Ask your Doubts & Queries to get answers, So that "Together We can help others!" 		Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.
500MB Space *No Ads*, CPanel, FTP, PHP, MySQL, EMails - 100% FREE