| Author |
 Topic  |
|
JohnC
Junior Member
215 Posts |
 Posted - 13 December 2007 : 20:03:04
|
Here's the hacker's tracks in the forums:
2007-12-12 12:15:41 GET /forums/forum.asp ARCHIVE=true&FORUM_ID=101 80 - 195.244.128.16 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.11)+Gecko/20071127+Firefox/2.0.0.11 200 0 0
- POST /forums/register.asp mode=DoIt
- GET /forums/register.asp actkey=5d39yrr43h
- POST /forums/active.asp |309|80040e14|Incorrect_syntax_near_'_'.
- GET /forums/pop_profile.asp mode=Edit
- GET /forums/admin_login.asp target=admin_home.asp
- POST /forums/admin_login.asp
- POST /forums/admin_config_features.asp
- GET /forums/default.asp |865|80040e14|Incorrect_syntax_near_'_'.
- GET /forums/post.asp method=EditForum&FORUM_ID=61&CAT_ID=12&type=0
Can almost see everything he or she did. Does the first one mean they archived one of the forums? |
Edited by - JohnC on 13 December 2007 20:58:54 |
 |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
ellanvannin
Starting Member
3 Posts |
Posted - 13 December 2007 : 20:45:06
|
rui
could you take a look at our forum, we were hacked, and have overwritten the forum from a backup, and we are recieving errors
www.gayinfo.org.im
or you can email me |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
ellanvannin
Starting Member
3 Posts |
Posted - 13 December 2007 : 21:52:51
|
a saved copy from 6 months ago, but now it wont work
if i can give you a password or anything to have a look no probs
kev |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 13 December 2007 : 22:02:44
|
| Well email me the FTP data and admin username and password and I'll try and have a look. It's about 3 AM here, so can't promise I will do it before the morning, though. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
ellanvannin
Starting Member
3 Posts |
Posted - 13 December 2007 : 22:08:19
|
your a star, the forum is useless at present so no rush
hope the weather in portugal is better than here !
kev
|
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 13 December 2007 : 22:20:34
|
Well, seems like your have a permissions problem (updateable query error). You will need to talk to your host about that. I've provided some more info by email.
I've applied the security fix to stop the forum from being hacked again. Make sure you subscribe to the Announcements Security Related Bug Fixes forum to avoid missing any future security fixes. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Melly1953
Starting Member
2 Posts |
Posted - 14 December 2007 : 12:43:45
|
I was hacked into on Dec 12th as well...same militant Turkish group. I kept trying to logon here..but my username was not accepted. Long story short..used my DIL's email..as I am here visiting..they just had a new baby.
I still cannot login as admin to my forums. It won't accept the new password at all. I registered as a new user..but there is not way for me to get to admin options at all! Please help. I am trying to fix this thing and take care of a very busy 2 year old! :) |
|
|
|
weeweeslap
Senior Member
USA
1077 Posts |
Posted - 14 December 2007 : 12:48:57
|
| what database do you use? Can you log into the database and change the admin account email address to your email account and then use the lost password feature to gain access to the admin account? |
coaster crazy |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Melly1953
Starting Member
2 Posts |
Posted - 14 December 2007 : 13:23:28
|
quote:
Originally posted by weeweeslap
what database do you use? Can you log into the database and change the admin account email address to your email account and then use the lost password feature to gain access to the admin account?
I have no clue what database. I am a novice. I've had the forums up for 16 mos. though and no problems like hacking have ever occured. Sounds like it happened to quite a few on the 12th. Hmmmm.
BTW...your DVD's are expensive. I just bought a new American pie for 5.99. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 14 December 2007 : 17:35:25
|
Melly1953,
Without FTP info there is nothing I can do. Please send me the FTP server address, FTP username and password and I'll deal with it. Otherwise I can't do a thing. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
alltp
Starting Member
36 Posts |
Posted - 14 December 2007 : 21:48:23
|
rui,
i had the same problem and did the security patch but likely have the same iframe problem (which you noticed - by the way thanks for visiting the Buzz).
I've emailed you the db logon info. Appreciate your help - you are AWESOME!
|
John Hill
www.alltp.com
www.tabletpcbuzz.com
www.tabletpcbuzz.com/3dbuzz |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Topic |
|
Topic Locked
