Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 Snitz 3.4 Hacked :( ..		  New Topic  Topic Locked
 Printer Friendly
Previous Page
Author Previous Topic Topic Next Topic
Page: of 5

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 23 August 2002 :  21:15:33  Show Profile
v3.4 did have a few SQL Injection vulnerabilities that are fixed in v3.4.01. But, they did require a person to actually save the form, edit it and add code to it, and then submit it from their saved form.

v3.4.01 will be released in less than 24 hours. (probably more like less than 12 hours) I get off from work in about 6 hours. So it will be after that.
Go to Top of Page

CodeName
Junior Member

296 Posts
Posted - 23 August 2002 :  21:20:01  Show Profile
So in 3.4.1 Nobody can hack ?

And you sure in my Database , You didnt see anything anormal ?
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 23 August 2002 :  21:25:01  Show Profile
of the 3 people who have a M_LEVEL of 3 are they all supposed to be admins?

Unless this person tells you exactly how they are hacking your forum (if they really are), I don't know if it's fixed. I can't tell from your database if it was hacked, or how it was hacked.

You said that this was a brand new v3.4 install, when in fact it was an upgrade from an earlier version. your forum could have been hacked before you upgraded and they just waited until afterwards to do any damage to it.
Go to Top of Page

CodeName
Junior Member

296 Posts
Posted - 23 August 2002 :  21:28:07  Show Profile
yes 1 is forum admin when we installed the snitz forum that one.. And another 2 I m and My friend.. is ok

Hmms.. Maybe.. Ýts possible.. So what can i do now ? "For 3.4.1" Beucase if I install 3.4.1 i will install like 3.4 ?
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 23 August 2002 :  21:33:05  Show Profile
you'll just need to upload all of the files again and overwrite your existing files. Then run setup.asp and choose to upgrade from v3.4
Go to Top of Page

CodeName
Junior Member

296 Posts
Posted - 23 August 2002 :  21:34:58  Show Profile
okey And The Database can be Ms Sql 2000 ? And Ms Sql 2000 & snitz 3.4.1 can hackeble ?

Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 23 August 2002 :  21:36:37  Show Profile
I can not guarantee 100% that any version of Snitz Forums 2000 will ever be un-hackable. I'm not even going to try to make that guarantee.
Go to Top of Page

CodeName
Junior Member

296 Posts
Posted - 23 August 2002 :  21:38:55  Show Profile
And one more question..

At 3.4 how He hacked My forum ? From database ?
Or Snitz 3.4 has new Security bug and we dont know this ?

From Which Way 3.4 can be hacked ?
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts
Posted - 23 August 2002 :  21:41:25  Show Profile
Have you read my responses above? I do not know exactly how this person is hacking your forum (if they even are). Your forum could have already been hacked before you upgraded it.
Go to Top of Page

Nathan
Help Moderator

USA
7664 Posts
Posted - 24 August 2002 :  01:02:23  Show Profile  Visit Nathan's Homepage
If you get a chance to ask this eledged hacker how he did what he did, ask him. Or have him report it directly to Richard.
Nathan Bales
CoreBoard | Active Users Download
Go to Top of Page

CodeName
Junior Member

296 Posts
Posted - 24 August 2002 :  05:28:28  Show Profile
Ok I will try that .. Thanks
Go to Top of Page
Page: of 5 Previous Topic Topic Next Topic  
Previous Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.43 seconds. Powered By: Snitz Forums 2000 Version 3.4.07