how do you fix a hacked phpBB2? - GoFuckYourself.com

Mr Pheer · 09-29-2005, 03:49 PM

some prick hacked my biker site, how do i fix it?

KMR Stitch · 09-29-2005, 03:51 PM

Did you have a bunch of mod's loaded? Or is it just regular phpBB?

FrankWhite · 09-29-2005, 03:52 PM

first patch it to the latest version, then look around and see if he left any backdoors.

Mr Pheer · 09-29-2005, 03:53 PM

i didnt have any mods, was just the regular phpbb2

but it looks like my whole database is gone... all the forums say 0 messages and i cant even log in

$5 submissions · 09-29-2005, 03:55 PM

Quote:

Originally Posted by MrPheer

i didnt have any mods, was just the regular phpbb2

but it looks like my whole database is gone... all the forums say 0 messages and i cant even log in

BTW, did everything we talked about go okay?

KMR Stitch · 09-29-2005, 03:57 PM

I would say post a link... It's not spamming your fourm.

Mr Pheer · 09-29-2005, 03:57 PM

Quote:

Originally Posted by $5 submissions

BTW, did everything we talked about go okay?

yep, thanks man

Mr Pheer · 09-29-2005, 03:59 PM

Quote:

Originally Posted by KMR Stitch

I would say post a link... It's not spamming your fourm.

i dont really want to do that, its a forum for 84 guys in Las Vegas, most of them are real nice people and I dont want any pricks from GFY signing up and ruining my board like they've done to this one.

QuaWee · 09-29-2005, 04:04 PM

Quote:

Originally Posted by Doomed

first patch it to the latest version, then look around and see if he left any backdoors.

fuck I love your sig

woj · 09-29-2005, 04:46 PM

Quote:

Originally Posted by MrPheer

i didnt have any mods, was just the regular phpbb2

but it looks like my whole database is gone... all the forums say 0 messages and i cant even log in

looks like you are fucked, better hope you or your host has a backup...

bigmack · 09-29-2005, 05:21 PM

Quote:

Originally Posted by MrPheer

some prick hacked my biker site, how do i fix it?

Best idea in my line of thinking, say if your board was hacked so bad that you would have to start over from scratch (including loosing all accounts and posts) dump PHPBB and install Invision Powerboard. They have a free version and its the best board software I have ever run. I've used both scripts, I would take IvPB any day of the week.

KMR Stitch · 09-29-2005, 05:23 PM

Quote:

Originally Posted by bigmack

Best idea in my line of thinking, say if your board was hacked so bad that you would have to start over from scratch (including loosing all accounts and posts) dump PHPBB and install Invision Powerboard. They have a free version and its the best board software I have ever run. I've used both scripts, I would take IvPB any day of the week.

Yeah, I have heard good things about IPB. Why not just buy a lic. It's like 100ish I think

chaze · 09-29-2005, 05:24 PM

PHPBB hacks give access to the whole site, you needa ftop or ssh program that can check for the date of changed files.

Then find any files changed from the day you where hacked.

Then remove them and replace with new ones, then update that shit

The update should correct the file permissions and get things back in action.

bigmack · 09-29-2005, 05:26 PM

Quote:

Originally Posted by KMR Stitch

Yeah, I have heard good things about IPB. Why not just buy a lic. It's like 100ish I think

You could, but with the free version you get everything, it all works and never have to worry about a trial expiring. I think you might get patches between versions or tech support maybe with a lic, I dont know for sure. Anytime they come out with a newer version its available for download too. So, you can keep upgrading for free too.

Mr Pheer · 09-29-2005, 05:37 PM

Quote:

Originally Posted by chaze

PHPBB hacks give access to the whole site, you needa ftop or ssh program that can check for the date of changed files.

Then find any files changed from the day you where hacked.

Then remove them and replace with new ones, then update that shit

The update should correct the file permissions and get things back in action.

thats a great idea man... thanks

HairToStay · 09-29-2005, 06:03 PM

What version were you using?

Do you know which of the exploits they used to "hack" your site?

camouflaged123 · 09-29-2005, 06:05 PM

You can check with your host...they might be able to help you as they usuallly have a backup

Mr Pheer · 09-29-2005, 06:06 PM

Powered by phpBB 2.0.10

i dont know what exploit they used, but they put a bunch of turkish proaganda all over the site

Marshal · 09-29-2005, 06:28 PM

just a patch... or upgrade to a newer version...

Argoz · 09-29-2005, 06:35 PM

Quote:

how do you fix a hacked phpBB2?

With Vbulletin.com

Mr Pheer · 09-29-2005, 08:08 PM

I was able to get the board working again and remove all the turkish propaganda he put all over the place, users are still there but looks like the message database with over 5000 posts is gone

updated it to the newest version released sept 17th

Machete_ · 09-29-2005, 08:12 PM

get myphpadmin and check the database if it there. they might have changed the dbconnection and query, so it looks for the data somewhere else

Mr Pheer · 09-29-2005, 08:15 PM

Quote:

Originally Posted by ebus_dk

get myphpadmin and check the database if it there. they might have changed the dbconnection and query, so it looks for the data somewhere else

the database is there, and it says its 594k but the board says no messages??

Machete_ · 09-29-2005, 08:19 PM

Quote:

Originally Posted by MrPheer

the database is there, and it says its 594k but the board says no messages??

Then Im PRETTY sure its looking the wrongplace
I reccomend you visit http://www.phpbb.com/phpBB/
its the best place for support... and take a COMPLETE mysql backup before changing anything

HairToStay · 09-30-2005, 04:38 AM

Quote:

Originally Posted by MrPheer

Powered by phpBB 2.0.10

i dont know what exploit they used, but they put a bunch of turkish proaganda all over the site

Oh, that's why -- they're up to 2.0.17 and the exploits for your version are very well known -- that's when those php exploits began popping up.

Read the phpBB forum for information and how to restore because as someone said, the mysql db is most likel intact unless they managed to get into phpmyadmin.

If I remember right, more than 70,000 phpBB forums were hacked the first week of that exploit on 2.0.10

grumpy · 09-30-2005, 05:53 AM

Quote:

Originally Posted by Doomed

first patch it to the latest version, then look around and see if he left any backdoors.

thats one fucking wild gif in your sig.

MetroPornTour · 09-30-2005, 06:03 AM

Quote:

Originally Posted by Doomed

first patch it to the latest version, then look around and see if he left any backdoors.

I love your sig photo!!!
Where is it from?

Manowar · 09-30-2005, 06:05 AM

Quote:

Originally Posted by Pixhell

With Vbulletin.com

09-29-2005, 03:49 PM	#1
Mr Pheer So Fucking unBanned Industry Role: Join Date: Dec 2002 Location: Las Vegas Posts: 21,753	how do you fix a hacked phpBB2? some prick hacked my biker site, how do i fix it? __________________ WebIgniter AI Multitime 7-figure producer and 29 year Niche Industry Veteran

09-29-2005, 03:53 PM	#4
Mr Pheer So Fucking unBanned Industry Role: Join Date: Dec 2002 Location: Las Vegas Posts: 21,753	i didnt have any mods, was just the regular phpbb2 but it looks like my whole database is gone... all the forums say 0 messages and i cant even log in __________________ WebIgniter AI Multitime 7-figure producer and 29 year Niche Industry Veteran

09-29-2005, 06:03 PM	#16
HairToStay Confirmed User Join Date: Oct 2002 Location: Southcoast, Mass. Posts: 1,521	What version were you using? Do you know which of the exploits they used to "hack" your site? __________________ Make bank by giving your surfers free pics every day and it costs you NOTHING! Use POTD Sponsors to find adult sponsors in more than 75 niches who offer a POTD feature!

09-29-2005, 06:05 PM	#17
camouflaged123 Confirmed User Join Date: Feb 2005 Posts: 1,590	You can check with your host...they might be able to help you as they usuallly have a backup __________________ HIGHEST PAYING PHARMACY AFFILIATE PROGRAM IS HERE! 1 order a day=$1710/month

09-29-2005, 06:06 PM	#18
Mr Pheer So Fucking unBanned Industry Role: Join Date: Dec 2002 Location: Las Vegas Posts: 21,753	Powered by phpBB 2.0.10 i dont know what exploit they used, but they put a bunch of turkish proaganda all over the site __________________ WebIgniter AI Multitime 7-figure producer and 29 year Niche Industry Veteran

09-29-2005, 03:51 PM	#2
KMR Stitch I am cool Join Date: Jul 2003 Posts: 14,494	Did you have a bunch of mod's loaded? Or is it just regular phpBB?

09-29-2005, 03:52 PM	#3
FrankWhite Confirmed User Join Date: Nov 2002 Location: nyc Posts: 3,540	first patch it to the latest version, then look around and see if he left any backdoors.

09-29-2005, 03:57 PM	#6
KMR Stitch I am cool Join Date: Jul 2003 Posts: 14,494	I would say post a link... It's not spamming your fourm.

09-29-2005, 05:24 PM	#13
chaze Confirmed User Industry Role: Join Date: Aug 2002 Posts: 9,752	PHPBB hacks give access to the whole site, you needa ftop or ssh program that can check for the date of changed files. Then find any files changed from the day you where hacked. Then remove them and replace with new ones, then update that shit The update should correct the file permissions and get things back in action.

09-29-2005, 06:28 PM	#19
Marshal Biz Dev and SEO Industry Role: Join Date: Jun 2005 Posts: 15,186	just a patch... or upgrade to a newer version... __________________ --- Busy ranking websites on Google...

09-29-2005, 08:08 PM	#21
Mr Pheer So Fucking unBanned Industry Role: Join Date: Dec 2002 Location: Las Vegas Posts: 21,753	I was able to get the board working again and remove all the turkish propaganda he put all over the place, users are still there but looks like the message database with over 5000 posts is gone updated it to the newest version released sept 17th __________________ WebIgniter AI Multitime 7-figure producer and 29 year Niche Industry Veteran

09-29-2005, 08:12 PM	#22
Machete_ WINNING! Industry Role: Join Date: Oct 2002 Posts: 14,579	get myphpadmin and check the database if it there. they might have changed the dbconnection and query, so it looks for the data somewhere else