You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 52 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Still Hacked? -- Nuke or phpBB? -- Patches Installed [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

Still Hacked? -- Nuke or phpBB? -- Patches Installed
 
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Nuke Security
View previous topic Log in to check your private messages View next topic
Author Message
Mindlash
Nuke Cadet
Nuke Cadet


Joined: Apr 10, 2003
Posts: 1
PostPosted: Thu Apr 10, 2003 1:46 pm Reply with quoteBack to top
I have been hacked very recently. Frustrating as whoever did it pruned all posts in my phpBB, and deleted all forums *no backups* as that section was only up for a few days, but had hundreds of posts...

They got into my admin section as they messed up my configuration, changing titles, slogans, languages... etc.

I was certain I had applied all the 'known' patches to phpBB (2.0.3) and phpNuke (6.0) to date.

Yes, I did the news and [img] hack patches, but... still didn't.

Is there any way to figure out how it was done? -- The system itself has not been compromised, I've verified that.

Also, my config.php is owned by root.root with only read permissions (not write)... yet the file can still be changed via web-browser. Browser is running by user: apache and apache is not in any groups with root... so how is that possible?

Thanks for the _QUICK_ response!
Find all posts by MindlashView user's profileSend private message
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Thu Apr 10, 2003 6:33 pm Reply with quoteBack to top
There where some not so publicized expoits of phpbb2.03 and older that is why the port of 2.04 was turned out at warp speed.

AOL Keyword "Upgrade"

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Nuke Security
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by · TOGETHER TEAM srl ITALY http://www.togetherteam.it · DONDELEO E-COMMERCE http://www.DonDeLeo.com
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.340 Seconds - 401 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::