[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 488: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4762: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3897)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4764: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3897)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4765: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3897)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4766: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3897)
ClanKiller.com - View topic - Been hacked
It is currently Fri Nov 22, 2024 9:20 am



Reply to topic  [ 9 posts ] 
Been hacked 
Author Message
Minor Diety
User avatar

Joined: Fri Apr 11, 2003 5:09 pm
Posts: 4004
Location: Walsall, West Mids, UK
Reply with quote
Post Been hacked


You do not have the required permissions to view the files attached to this post.


Mon Feb 27, 2006 8:51 am
Profile WWW
Emperor
User avatar

Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Reply with quote
Post 
I am sorry for that Mole. If you trust me more than Satis, I could suggest you some phpBB protections which I made and use.

But, holy damn turkish hackers. Your page has the code which is pretty malicious for phpBB. I posted it in here on CK between the [ c o d e ] and [/ c o d e] and I got this topic defaced. Try to refresh your template first. And then we will search for the cure.

Dunno about phpmyadmin. Never used.


Mon Feb 27, 2006 9:04 am
Profile WWW
Minor Diety
User avatar

Joined: Fri Apr 11, 2003 5:09 pm
Posts: 4004
Location: Walsall, West Mids, UK
Reply with quote
Post 
I noticed that too, about posting it in the code tags, it made this page die, so I uploaded it as a text file for grabbing.

I've managed to get in to the admin pannel on my forums, but if I click in the management tab for the forum, I get the same page up. I can still access some things.

I've secured my account, there are no rogue admins/mods, and my password and my users passwords are safe.

What do you want me to send to you? Because I don't know how deep this infection goes, and I don't know exactly where it has manifested it's self either. I assumed it was the index page, untill I got in to the admin pannel and found it there too.

How do you mean, refresh my template?

Thanks for your understanding.


EDIT:

Researched in to it.

Basically, they had created new forum and put it inside a giant Iframe, with their logo in it. Googled that, fount something called toolkit, which removes any Iframe, javascript tags etc.

This then allowed me to reaccess my management pannel.

Which then allowed me to delete their forum.

Take that you bastards!

Now, On to not allowing people to access phpmyadmin


Last edited by Mole on Mon Feb 27, 2006 9:41 am, edited 1 time in total.



Mon Feb 27, 2006 9:28 am
Profile WWW
Emperor
User avatar

Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Reply with quote
Post 
You are welcome.

Template -- renew all the files in e.g. /template/subSilver/. And then see if the thing happens with subSilver template. If it does, the template is likely no problem.

What source... all *.php files except config.php with templates. I think you do not expose your forum by posting that to one single person but your is to judge if I missed something. Don't post in public, use link in pm.

But try the thing with the template first. Got a messenger?


Mon Feb 27, 2006 9:35 am
Profile WWW
Felix Rex
User avatar

Joined: Fri Mar 28, 2003 6:01 pm
Posts: 16662
Location: On a slope
Reply with quote
Post 
personally I'd recommend removing all files from PHPbb and reloading from scratch. There's no telling where changes might have been made. You can pm me your phpmyadmin address and I'll see if I can get in.

btw, you might as well assume all your usernames and passwords have been compromised. After you reinstall your forum (not before!) you should probably change all your passwords, including your MySQL one.

*edit* And back everything up before deleting anything :) */edit*


Mon Feb 27, 2006 9:42 am
Profile WWW
Emperor
User avatar

Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Reply with quote
Post 
Yes, that is definetely the best solution to be sure that everything is clear. I am just sick hunter on these malevolent bastards, who wish to break new toy before dropping it on garbbage.

I see your forum is going well again. :) If you have idea how they did hack you (Apache log would be extremly useful) let us prevent the similar attacks.

_________________
++


Mon Feb 27, 2006 11:21 am
Profile WWW
Minor Diety
User avatar

Joined: Fri Apr 11, 2003 5:09 pm
Posts: 4004
Location: Walsall, West Mids, UK
Reply with quote
Post 
Thanks for all the help guys :D I'm moving the forum in a few weeks anyway, so I'll be doing a clean install anyway. But I managed to sort everything out, I've .htaccessed myphpadmin and updated everything else.

Again, thanks! :D

_________________
Games to complete:
GTA IV [100%] (For Multiplayer next!)
Fallout 3 [50%]
Rock Band [35%]
http://www.cafepress.com/SmeepProducts


Mon Feb 27, 2006 12:56 pm
Profile WWW
Emperor
User avatar

Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Reply with quote
Post 
I don't know why you are moving it, but i hope it is not because of this turkish pussies.

_________________
++


Mon Feb 27, 2006 1:00 pm
Profile WWW
Minor Diety
User avatar

Joined: Fri Apr 11, 2003 5:09 pm
Posts: 4004
Location: Walsall, West Mids, UK
Reply with quote
Post 
No, it's because my host is a ripoff.


Mon Feb 27, 2006 7:28 pm
Profile WWW
Display posts from previous:  Sort by  
Reply to topic   [ 9 posts ] 

Who is online

Users browsing this forum: No registered users and 74 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by STSoftware.