Announcement

Collapse
No announcement yet.

Board has been hacked... and again...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Board has been hacked... and again...

    Our board got hacked a few days ago. We were running vb 3.0.6 then.

    The hacker somehow added an admin account into the dbase.
    We had no idea how it happend.

    We figured that there were maybe some security leaks in vb and the hacks we used.
    So we updated to 3.0.8 with a clean template set.

    A few hours after that... The hacker was back again.

    Now I am lost. I have no idea how this could happen. Does this seem familiar to anybody? If it does... How did you handle with this problem?

  • #2
    I'd carefully look over your staff, all staff who have admin access, or anyone who has access to your MySQL / FTP. vB is one of the most secure open source scripts I have ever come across.

    Comment


    • #3
      Some info about server...

      Running FreeBSD 4.10 (Stable)
      Apache 1.3.31
      MySQL 3.23.58
      PHP 4.3.10

      Running PLESK 7.0.4
      Last edited by Hazzz-E; Fri 26 Aug '05, 3:14am.

      Comment


      • #4
        Well i faced this problem b4 and let me tell you that there is other ways to hack the boards even if you are using the latest VB release ..

        You have to take into consideration that the server your site is hosted on have a weak security setting such as the one i had b4 which the hacker may use it to access your files ( /include/config.php )


        there is a script that can show the variables for the config.php ( Database variables )then the hacker can connect to the database and add an admin account .

        My suggestion to you is
        -check all the members who have access to your Admin cp and remove unneeded ones
        -Check the server security if it allow you access to other people home directory then there is your problem ( Ask your host to harden the server )
        - Add directory protection on your admincp directory

        Comment


        • #5
          hmmm, shall have a look into that...

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X