Zenfor
Junior Member
 
372 Posts |
Posted - 30 December 2005 : 08:12:51
|
OK so I haven't kept up with the security patches but wondering how this could happen. He added a forum and displayed a big hacked message with a graphic. I deleted it already so I don't have any other details but he did get in as an administrator. Said something about upgrade your software. |
Edited by - Zenfor on 30 December 2005 08:13:39 |
|
pdrg
Support Moderator
    
United Kingdom
2897 Posts |
Posted - 30 December 2005 : 08:19:41
|
This is why it's worth keeping up with the patches - it's sad that people feel the need to tag or damage things, but on the bright side you were hacked by a very considerate hacker if he just advised you to patch and didn't mess up all your community!
I'd just treat this as a learning experience, and silently thank him for bringing this to your attention, and be happy he got you before some little idiot did!
my 2p  |
 |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 30 December 2005 : 08:33:12
|
quote: Originally posted by pdrg
This is why it's worth keeping up with the patches - it's sad that people feel the need to tag or damage things, but on the bright side you were hacked by a very considerate hacker if he just advised you to patch and didn't mess up all your community!
I'd just treat this as a learning experience, and silently thank him for bringing this to your attention, and be happy he got you before some little idiot did!
my 2p 
I didn't see any other problems.
I just downloaded the patches I saw on the security section and subscribed to the emails. Should I do anything else or is this enough? I must be a couple of years without applying any security patches. |
 |
|
dmontague
Starting Member
16 Posts |
Posted - 30 December 2005 : 09:41:08
|
Hi there, I just got the same hack as well. Big graphic and no other damage. What version are you using? I am still using 3.4.04.
I am looking to upgrade, but that will take some time.
Is there a place to find the updates for the 3.4.04 version? I do remember there being more than the 2 that are there currently.
Thanks, Dave |
Dave Montague |
 |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 30 December 2005 : 09:55:31
|
quote: Originally posted by dmontague
Hi there, I just got the same hack as well. Big graphic and no other damage. What version are you using? I am still using 3.4.04.
I am looking to upgrade, but that will take some time.
Is there a place to find the updates for the 3.4.04 version? I do remember there being more than the 2 that are there currently.
Thanks, Dave
How do I find out what version I have? I see a copyright on the bottom of 2000-2002.
Anyone know how this happened and how I can prevent it without doing a ton of work? Thanks!
Are they finding my forum through here? |
 |
|
dmontague
Starting Member
16 Posts |
Posted - 30 December 2005 : 10:06:41
|
If you go to the Admin area and then Main Forum Features. It is in there.
quote: Originally posted by Zenfor
quote: Originally posted by dmontague
Hi there, I just got the same hack as well. Big graphic and no other damage. What version are you using? I am still using 3.4.04.
I am looking to upgrade, but that will take some time.
Is there a place to find the updates for the 3.4.04 version? I do remember there being more than the 2 that are there currently.
Thanks, Dave
How do I find out what version I have? I see a copyright on the bottom of 2000-2002.
Anyone know how this happened and how I can prevent it without doing a ton of work? Thanks!
Are they finding my forum through here?
|
Dave Montague |
 |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 30 December 2005 : 10:17:34
|
Using Snitz Forums 2000 Version 3.4.05 |
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 30 December 2005 : 12:52:45
|
quote: Originally posted by ruirib
Zenfor, you do need to apply the latest security patches. Also, have a look at your server log files, if you can, it could allow you to find out how it was done.
I applied the latest patches you have posted.
I have the server logs, what do I look for? How was he able to add a forum? I don't even see a new user. |
 |
|
MarcelG
Retired Support Moderator
    
Netherlands
2625 Posts |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
Posted - 30 December 2005 : 13:28:16
|
You'd need to browse the log carefully, looking for actions like logging in to admin options or adding the forum. Like that you could trace the login of that user back to his first action, to figure out what he did. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
 |
|
MarcelG
Retired Support Moderator
    
Netherlands
2625 Posts |
Posted - 30 December 2005 : 13:28:35
|
He's trying to get in via some SQL injection tricks:
he tried this one: /news.asp news_id=1831'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='|421|8
|
portfolio - linkshrinker - oxle - twitter |
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 05 January 2006 : 09:05:44
|
Hi,
I don't know if it is related but all of a sudden I notice that I am missing the Format Mode and Format buttons, font size, color, etc., on the posting boxes. Appreciate any ideas on how I can fix that. |
 |
|
Zenfor
Junior Member
 
372 Posts |
Posted - 05 January 2006 : 09:16:57
|
Hi,
I got them back. Looks like they were turned off in the admin. Was this something the hacker did? |
 |
|
HuwR
Forum Admin
    
United Kingdom
20595 Posts |
Posted - 05 January 2006 : 11:53:04
|
probably, however you really need to get a copy of your weblogs from the time this happened, otherwise you will not know how they got in and will therefore be unable to prevent them from doing it again |
 |
|
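Added example (not part of any post in this thread and not Snitz code): one way to do the log review suggested above, flagging injection-style query strings like the one MarcelG quoted and listing every request from the same client so the activity can be traced back to its first action. It assumes IIS W3C extended logs with the fields shown; the IPs, timestamps, the `/admin_` prefix and `/admin_example.asp` are hypothetical, and only the `news.asp` query string is taken from the thread.

```python
import re
from urllib.parse import unquote

# Constructed sample in IIS W3C extended format. Only the news.asp query string
# comes from the thread; IPs, times and /admin_example.asp are hypothetical.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2005-12-30 07:39:50 203.0.113.9 GET /default.asp - 200
2005-12-30 07:40:02 198.51.100.7 GET /default.asp - 200
2005-12-30 07:41:10 203.0.113.9 GET /news.asp news_id=1831'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='|421|8 500
2005-12-30 07:44:31 203.0.113.9 POST /admin_example.asp - 200
2005-12-30 07:45:00 198.51.100.7 GET /forum.asp FORUM_ID=3 200
"""

# A quote followed by SQL keywords, char(NNN) calls, or UNION SELECT in the decoded query.
SQLI = re.compile(r"'\s*(?:and|or|union)\b|\bchar\(\d+\)|\bunion\s+select\b", re.I)

def parse(log_text):
    """Turn W3C log text into dicts keyed by the names in the #Fields line."""
    fields, rows = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split(" ")
            if len(parts) == len(fields):  # skip malformed lines
                rows.append(dict(zip(fields, parts)))
    return rows

def reasons(row, admin_prefix="/admin_"):  # admin_prefix is an assumption
    found = []
    if SQLI.search(unquote(row["cs-uri-query"])):
        found.append("sqli-probe")
    if row["cs-uri-stem"].lower().startswith(admin_prefix):
        found.append("admin-page")
    return found

def timeline_by_client(rows):
    """For each client IP with a flagged request, list all of its requests in
    log order, so the activity can be traced back to the first action."""
    flagged = {r["c-ip"] for r in rows if reasons(r)}
    out = {}
    for r in rows:
        if r["c-ip"] in flagged:
            entry = (r["date"] + " " + r["time"], r["cs-uri-stem"], reasons(r))
            out.setdefault(r["c-ip"], []).append(entry)
    return out

if __name__ == "__main__":
    for ip, events in timeline_by_client(parse(SAMPLE_LOG)).items():
        for when, stem, why in events:
            print(ip, when, stem, ",".join(why) or "-")
```

The forum owner's own admin sessions will also be tagged `admin-page`, so compare the client IPs and times against known logins before drawing conclusions.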