PhpBB Hack


H-O-V

Recently I was working on someone's site and it took me hours to find the problem (his phpbb installation had been hacked).

I re-installed a fresh copy of the files / searched through a lot of code to find the floating black page with "HACKED by ..." written on it.

In the end I found it: it was html inserted into the mysql database for a forum title, so that it could not be found in code...
 
Which version of phpbb were you using?
 
Is there any way to prevent this hack from happening in the future?
 
networkmsia said:
Is there any way to prevent this hack from happening in the future?
I think admins just need to keep their phpbb version up-to-date and hopefully they can stay ahead of the hackers...
 
Well, the hacker had access to the database.
 
Mutasim said:
Recently I was working on someone's site and it took me hours to find the problem (his phpbb installation had been hacked).

I re-installed a fresh copy of the files / searched through a lot of code to find the floating black page with "HACKED by ..." written on it.

In the end I found it: it was html inserted into the mysql database for a forum title, so that it could not be found in code...

It's called mysql injection and it's one of the main exploits of poorly written php. The change of title is extremely common for phpbb. You just don't sound well versed in phpbb. If you posted in the phpbb forums you would have gotten help in seconds...or even if you searched their site you would have found the answer immediately.

phpbb being exploited is nothing new nor uncommon. Keep it updated to latest version ALWAYS..or ditch phpbb entirely.
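
Added example, not part of the thread or of phpBB: the opening post found the defacement in a database field rather than in the files, so this sketch scans every text column of a database for markup and reports the rows to review. It goes beyond the single forum-title case; an in-memory SQLite database stands in for MySQL, and the table names, column names and sample rows are constructed assumptions.

```python
import re
import sqlite3

# Tags and attributes that should never appear in a plain-text field such as a title.
SUSPICIOUS = re.compile(
    r"<\s*(script|iframe|style|meta|div|body|html|object|embed|marquee)\b"
    r"|\bon(load|error|click|mouseover|focus)\s*=|javascript:",
    re.IGNORECASE,
)

def text_columns(conn, table):
    """Names of the columns in `table` declared with a text-like type."""
    info = conn.execute(f'PRAGMA table_info("{table}")').fetchall()
    return [name for _, name, ctype, *_ in info
            if any(t in (ctype or "").upper() for t in ("CHAR", "TEXT", "CLOB"))]

def scan_database(conn):
    """Return (table, column, rowid, value) for every text cell holding markup."""
    hits = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' ORDER BY name")]
    for table in tables:
        for col in text_columns(conn, table):
            rows = conn.execute(
                f'SELECT rowid, "{col}" FROM "{table}" WHERE "{col}" IS NOT NULL')
            hits += [(table, col, rid, val) for rid, val in rows
                     if SUSPICIOUS.search(str(val))]
    return hits

def build_sample_db():
    """Constructed sample: two tables, one forum title carrying injected HTML."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE phpbb_forums (forum_id INTEGER PRIMARY KEY,
                                   forum_name VARCHAR(255), forum_desc TEXT);
        CREATE TABLE phpbb_topics (topic_id INTEGER PRIMARY KEY,
                                   topic_title VARCHAR(255));
    """)
    conn.executemany("INSERT INTO phpbb_forums VALUES (?, ?, ?)", [
        (1, "Announcements", "News from the admins"),
        (2, 'General<div style="position:fixed;background:#000">HACKED by ...</div>',
         "Talk about anything, price < 5 & size > 2"),
    ])
    conn.execute("INSERT INTO phpbb_topics VALUES (1, 'Welcome to the board')")
    return conn

if __name__ == "__main__":
    for table, col, rid, val in scan_database(build_sample_db()):
        print(f"{table}.{col} rowid={rid}: {val[:60]!r}")
```

Hits in columns that hold user-written post bodies need manual review, since legitimate formatting can match the same patterns.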
 