lord
Starting Member
Fyro Macedonia
34 Posts |
Posted - 06 May 2002 : 14:55:53
|
How can this happen??? Can anyone explain how he hacked my forum?? Somebody has hacked it and deleted all topics..........
http://www.nuneworld.com/forum/default.asp
Please help
Lord
|
|
RichardKinser
Snitz Forums Admin
    
USA
16655 Posts |
|
lord
Starting Member
Fyro Macedonia
34 Posts |
Posted - 06 May 2002 : 15:16:48
|
hm,
It's too late now, but the question is how he has done it... nice to know for the next time.. and how can I see when that happens??
Lord
|
 |
|
benliu
Starting Member
4 Posts |
Posted - 06 May 2002 : 15:31:14
|
My forum was hacked as well - what do I need to do (or can I do) to restore the previous topics, etc.? Are there files I can download to prevent this from happening again? Thanks
quote:
hm,
It's too late now, but the question is how he has done it... nice to know for the next time.. and how can I see when that happens??
Lord
|
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
Posted - 06 May 2002 : 15:34:52
|
quote:
My forum was hacked as well - what do I need to do (or can I do) to restore the previous topics, etc.? Are there files I can download to prevent this from happening again? Thanks
To restore topics you need to resort to a backup of your database. Hope that you have it. To prevent this from happening, visit the links posted by Richard above and apply the changes recommended there.
------------------------------------------------- Installation Guide | Do's and Dont's | MODs |
 |
|
RichardKinser
Snitz Forums Admin
    
USA
16655 Posts |
Posted - 06 May 2002 : 15:35:22
|
If you have not done so already, read the topics that I posted a link to above.
Unless you have backed up your database, there isn't a way to retrieve data that has been deleted. |
 |
|
lord
Starting Member
Fyro Macedonia
34 Posts |
Posted - 06 May 2002 : 15:40:39
|
Where did he attack?? Did he use some variables (JS or VB) on this screen, or is he using some other way??? My forum is still updated; you can try to do what he has done ...
Lord
|
 |
|
benliu
Starting Member
4 Posts |
Posted - 06 May 2002 : 15:56:13
|
Thanks for the reply. Fortunately, I think I can get the database restored.
For future reference, where are security fixes/bug fixes posted?
Regardless, the forums have been great, and it was our fault for not updating the files. Thanks for the great product.
Ben
quote:
If you have not done so already, read the topics that I posted a link to above.
Unless you have backed up your database, there isn't a way to retrieve data that has been deleted.
|
 |
|
benliu
Starting Member
4 Posts |
Posted - 06 May 2002 : 16:19:04
|
Also, without knowing what the hacker did, after I apply the fixes, will he be able to hack into it again?
Basically, is it possible that he granted himself admin access to a particular user and then can now legitimately log in and delete everything? Any idea? Thanks
|
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
Posted - 06 May 2002 : 16:34:28
|
quote:
Also, without knowing what the hacker did, after I apply the fixes, will he be able to hack into it again?
Basically, is it possible that he granted himself admin access to a particular user and then can now legitimately log in and delete everything? Any idea? Thanks
I would say he won't be able to do it, admitting that he used one of the known security issues. You may want to take a look at your server's logs to know what he did.
Regarding the Admin status he may have granted some other user, just have a look at the members list to see if you can find someone who has an Administrator level unduly granted.
------------------------------------------------- Installation Guide | Do's and Dont's | MODs |
 |
|
benliu
Starting Member
4 Posts |
Posted - 06 May 2002 : 17:13:58
|
Thanks for the replies..
Last question:
What exactly was the hacker able to do? Did he actually gain admin access and was he able to change configuration options, etc? Thanks
|
 |
|
HandAble.com
Starting Member
15 Posts |
Posted - 06 May 2002 : 17:19:58
|
quote:
What exactly was the hacker able to do? Did he actually gain admin access and was he able to change configuration options, etc? Thanks
Without saying how they did it.. What they did was trick Snitz into displaying all of the passwords for all the members of the system. Therefore, even after applying the fix, you still need to consider your admin passwords to be known and change them.
---- http://HandAble.com
|
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
Posted - 06 May 2002 : 17:21:47
|
quote:
Thanks for the replies..
Last question:
What exactly was the hacker able to do? Did he actually gain admin access and was he able to change configuration options, etc? Thanks
Admitting that he explored the members.asp security problem, quite likely he obtained passwords (quite likely the admin(s) password(s)) and logged in as admin. Whatever he did after, you probably can tell. As I told you before, a look at your Web server's log can be helpful to give you an overall picture of what he did, including finding his IP. With his IP you can probably report him to his Internet Provider to see if he can get some punishment for what he did...
------------------------------------------------- Installation Guide | Do's and Dont's | MODs
Edited by - ruirib on 06 May 2002 17:25:01 |
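The log review suggested in the post above could be scripted as follows. This is an added example, not part of the original thread and not Snitz code. It assumes IIS W3C extended logs with a `#Fields:` header; the sample lines are constructed, `admin_example.asp` and `delete_example.asp` are hypothetical page names, and treating every parameterised request to the patched files as worth review is an assumption, since the thread does not describe the request that was used.

```python
from collections import defaultdict
from datetime import datetime

# Files the thread names as patched; add your own admin pages as needed.
WATCHED = {"members.asp", "pop_pword.asp"}

# Constructed sample in W3C extended format (not real log data).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2002-05-06 12:01:10 192.0.2.10 GET /forum/default.asp - 200
2002-05-06 12:02:31 198.51.100.7 GET /forum/members.asp q=CONSTRUCTED1 200
2002-05-06 12:02:40 198.51.100.7 GET /forum/members.asp q=CONSTRUCTED2 200
2002-05-06 12:03:05 192.0.2.10 GET /forum/members.asp - 200
2002-05-06 12:05:12 198.51.100.7 POST /forum/admin_example.asp - 200
2002-05-06 12:06:00 198.51.100.7 GET /forum/delete_example.asp id=1 200
"""

def parse_w3c(lines):
    """Yield one dict per request, using the most recent #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or odd lines
                yield dict(zip(fields, values))

def triage(lines, watched=WATCHED):
    """Rank client IPs by parameterised hits on watched pages and return
    each such IP's full request timeline in time order."""
    timeline, hits = defaultdict(list), defaultdict(int)
    for rec in parse_w3c(lines):
        when = datetime.strptime(rec["date"] + " " + rec["time"],
                                 "%Y-%m-%d %H:%M:%S")
        page = rec["cs-uri-stem"].rsplit("/", 1)[-1].lower()
        query = rec.get("cs-uri-query", "-")
        timeline[rec["c-ip"]].append((when, rec["cs-method"], page, query))
        if page in watched and query != "-":
            hits[rec["c-ip"]] += 1
    ranked = sorted(hits, key=hits.get, reverse=True)
    return [(ip, hits[ip], sorted(timeline[ip])) for ip in ranked]

if __name__ == "__main__":
    for ip, count, events in triage(SAMPLE_LOG.splitlines()):
        print(f"{ip}: {count} parameterised request(s) to watched pages")
        for when, method, page, query in events:
            print(f"  {when} {method} {page} {query}")
```

IIS writes W3C log timestamps in UTC by default, so convert before comparing them with the forum's "Posted" or "Edited" times.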
 |
|
Cryptik
Starting Member
30 Posts |
Posted - 07 May 2002 : 15:04:05
|
Does the latest release contain all the file changes?
Cryptik
|
 |
|
gbu_moon
Starting Member
USA
9 Posts |
Posted - 07 May 2002 : 15:57:28
|
i just did all of the changes but when i finished i went to my forum and here's what i saw:
-------------------------------------------------- Microsoft VBScript compilation error '800a0400'
Expected statement
/forum/inc_functions.asp, line 2
\par ^
--------------------------------------------------
is there any way i can just download the latest 'secure' files: - inc_functions - members - pop_pword
because from the download page i clicked on 'download latest version' and the changes weren't applied to those files.
thanks, [GBU]Moon
|
 |
|