iBotPeaches Posted July 12, 2008 Report Posted July 12, 2008 There is an exploit in the phpBB3 system, which allowed any password through some url()rewrite to call anyone's password into plain text. I'm too tired to post the rest. The exploit has been patched. EDIT: Here is most of what I know. An exploit for phpBB3 was released on public hacking forums everywhere. It was a simple hack that grabbed passwords. I didn't know that was the hack so I didn't defend from it. I now found it, and updated to phpBB3.0.2 which prevents this. Any user who exploited this board is perm banned. I'm gathering users now and starting the ban filters. The passwords are being required to change just because some users may still have your password.
Laxmonster54♥ Posted July 12, 2008 Report Posted July 12, 2008 sounds great. This really got me worried because the Hacker dumped the database to a hacking website. so I downloaded just in case but I guess I can delete it now..... lol
iBotPeaches Posted July 12, 2008 Author Report Posted July 12, 2008 sounds great. This really got me worried because the Hacker dumped the database to a hacking website. so I downloaded just in case but I guess I can delete it now..... lol I have 29 mods installed, and a customized style that I made changes to that all do queries towards the SQL. You would need all my server files, not just the phpBB3 root files to run my board correctly. So were safe there.
Dark Slipstream Posted July 12, 2008 Report Posted July 12, 2008 Great to know another exploit is patched. I am searching through an underground forum at the moment for any exploits, anything I find I will tell you over MSN only. There was one pack that had a few things, I'll have to contact someone to get it again. In the meantime, any hacks or exploits found for phpbb* on this site, remove them. Even if they are in VIP.
Xx Legacy xX Posted July 12, 2008 Report Posted July 12, 2008 Happy as hell, do you mind me asking whats gonna happen to some of the hackers?
Dark Slipstream Posted July 12, 2008 Report Posted July 12, 2008 do you mind me asking whats gonna happen to some of the hackers? Add me on AIM: Dark Siipstream We can discuss this further on that note. or if you want my MSN, please ask Peaches, fattwam, Snail, or blacklabel for it.
I AM T3RROR Posted July 12, 2008 Report Posted July 12, 2008 Who was the hacker?To my knowledge it was a mix of hyperstorm, shotspartan, and haxalot
SmokiestGrunl Posted July 12, 2008 Report Posted July 12, 2008 Who was the hacker?To my knowledge it was a mix of hyperstorm, shotspartan, and haxalotTo my knowledge hyperstorm and haxalot are the same person
iBotPeaches Posted July 12, 2008 Author Report Posted July 12, 2008 I'm missing 6000 attachments. This is a pain. I have no clue where to look for them, or how they just automatically deleted themselves.
Dark Master Posted July 12, 2008 Report Posted July 12, 2008 well, personally i hate to see any site ofline due to hacking so i got in contact with the "authorities" in my area and they said they added it to there "watch list" which is probably good to be on as it should make hackers a little more scared about what there going to do and if its worth it to have the fbi show up at your door. nice job getting it back up peach
CubanLegend Posted July 16, 2008 Report Posted July 16, 2008 so if i reset my password now, i should be safe right? This wont happen again right? i cant afford for the current password to get out. XD
SmokiestGrunl Posted July 17, 2008 Report Posted July 17, 2008 (edited) so if i reset my password now, i should be safe right?Correct, unless you have malware on your computer (which you would of obtained NOT from this site) This wont happen again right? i cant afford for the current password to get out. XDIt will never happen again. The so called "hacker" is a noob and he will never be able to do it again. Edited July 17, 2008 by SmokiestGrunl
Recommended Posts