It's interesting that thousands of websites are attacked by a worm that uses the bug. This is a screen cap from the logs of my website. Frightening. And phpbb.com offers no check for holes.
posted by knn

knn: With this bug you were able to delete whole servers.
In case you don't understand the issue: No, not whole websites. Whole servers. In other words: Usually 1 server hosts dozens, hundreds or thousands of websites. If 1 of these websites has a phpBB running with that unfixed bug ALL thousand of the websites may be deleted.
posted by knn

So I tried to log in over at MeX and it kept saying my username and password were wrong... what happened? I can't log in... are you still working on it? Or is my account gone? What's up?
posted by Agent Zero

Agent Zero: So I tried to log in over at MeX and it kept saying my username and password were wrong... what happened? I can't log in... are you still working on it? Or is my account gone? What's up?
I can't log in either! Says same thing Zero's getting!
posted by hungarian kid

hungarian kid: Can't log in either! Says same thing Zero's getting!
All passwords have been deleted. I will restore them in a few minutes.
posted by knn

knn: I will restore them in a few minutes.
Done.
posted by knn

Tell me immediately if something goes wrong again, OK? The slightest irregularity, please!
posted by knn

aight knn you got it son...holla
posted by Agent Zero

knn: In case you don't understand the issue: No, not whole websites. Whole servers. In other words: Usually 1 server hosts dozens, hundreds or thousands of websites. If 1 of these websites has a phpBB running with that unfixed bug ALL thousand of the websites may be deleted.
The unbelievable thing about this is that you can fix this bug by simply deleting 1 word.
posted by knn

knn: The unbelievable thing about this is that you can fix this bug by simply deleting 1 word.
And is this listed on your phpbb security tips thread?
posted by volonteshiva

volonteshiva: And is this listed on your phpbb security tips thread?
Yes, it is as the "Santy worm".
posted by knn

Will more moderating help in some way to prevent the forum from getting fucked up again?
posted by Echelon

Echelon: Will more moderating help in some way to prevent the forum from getting fucked up again?
No, the attack was possible because the attacker
1) Searched for "Powered by phpbb 2.0.5" in Google to find ANY forum he could attack (I was the second from top to appear).
2) Immediately after finding MeX he started a special program to check whether my forum is vulnerable
3) He gained access to the admin area and thus to the database
Obviously he was a professional because he knew exactly what to do.
posted by knn

How did you determine this was the approach?
posted by dksaus2

dksaus2: How did you determine this was the approach?
By checking my logs. And I thought it's maybe a good idea to lure the hacker into posting something by writing "Obviously he was a professional" (my previous post). And by checking my logs now, I found out that YOU are the hacker. Thanks for "practically pointing out" that my forum had a bug. However, it would be nice next time if you could inform me before causing damage. I liked that "real world" -> "matrix" joke though.
posted by knn
The time now is 10 January 2009, 00:28 php B.B. |