Saman
Starting Member
1 Posts |
Posted - 08 May 2002 : 10:34:35
|
Hello All,
Someone hacked into the message board last night at www.redlyrics.com/talk (I removed the message board temporarily). He removed some of the categories and messages, and also added a link to a web site on the home page. When I go to the message board, it forwards to down.asp and displays the message – "There is a bug on Snitz. So I closed the forum. Try later... "
After that I changed the database from my backups, and it was the same: the user is forwarded to down.asp with the same message. After that I replaced all the message board files from the backup copy on my computer. IT WAS THE SAME! Basically I have set up the whole forum again, but it is still the same.
I used the hacked database on my personal computer and found out he has deleted some of the messages and categories and also added a message on the home page.
I have not installed any security patches. I have installed the poll mod, I have renamed the database, and the database path is not in the web directory. I don't think the cracker got the admin password.
I'm not an ASP expert.
What do you experts think?
Have a good day, Saman
|
|
Davio
Development Team Member
    
Jamaica
12217 Posts |
Posted - 08 May 2002 : 10:52:57
|
Sorry about your forum Saman. 
You can find the security fixes here: http://forum.snitz.com/forum/forum.asp?FORUM_ID=118
When the forum is shut down, a value is stored in an Application variable on the server. So you could replace every file that comes with your forum, and it won't change the application variable that was set.
Why don't you log in as admin and then go to down.asp and open your forums again? If they changed your admin password, you will need to download your database and get the password.
 |
|
Xstream-PT
Starting Member
45 Posts |
Posted - 08 May 2002 : 11:08:02
|
I think you need to install all the security patches.
X
=)
|
 |
|
Chiz
Junior Member
 
245 Posts |
Posted - 08 May 2002 : 11:40:57
|
quote: When the forum is shut down, a value is stored in an Application variable on the server. So you could replace every file that comes with your forum, and it won't change the application variable that was set.
Davio, will a site restart solve this?
Also, I understand that the hackers are able to modify *even* the Snitz source files. If the forum folder is set to read-only, will that also prevent this? How will it impact the forum?
|
 |
|
Gremlin
General Help Moderator
    
New Zealand
7528 Posts |
Posted - 08 May 2002 : 18:37:15
|
They will only be able to access the source files if your Admin logon and password for your forums are the same as for the FTP access that you use to upload your site files. Of all the forums that have been hacked so far, I don't think I've seen one yet where they've actually gone and uploaded or changed any of the site files though.
A restart will solve it as Session Variables are lost. Also you can just go to down.asp and restart it from there as Davio suggested.
 |
|