GoFuckYourself.com - Adult Webmaster Forum

*** PHPBB board owners : HACKER ALERT *** (https://gfy.com/showthread.php?t=450856)

facialfreak 04-01-2005 02:10 AM

*** PHPBB board owners : HACKER ALERT ***
 
If you run a PHPBB forum, be on the watch for a user called "avanluxxia" or "avanluxia"

known emails so far :

[email protected]
[email protected]
[email protected]

---------------------------------------

Name Server: NS1.USINGMAC.ORG
ICANN Registrar: GO DADDY SOFTWARE, INC.
Created: 2005-03-28
Expires: 2006-03-28
Status: ACTIVE
Please note: the registrant of the domain name is specified
in the "registrant" field. In most cases, Go Daddy Software, Inc.
is not the registrant of domain names listed in this database.


Registrant:
Chardy Wang
15 Upper Boon Keng Rd
#12-10-1063
Singapore 380015
Singapore

Registered through: GoDaddy.com
Domain Name: ALIENFAKE.COM
Created on: 28-Mar-05
Expires on: 28-Mar-06
Last Updated on: 29-Mar-05

Administrative Contact:
Wang, Chardy [email protected]
15 Upper Boon Keng Rd
#12-10-1063
Singapore 380015
Singapore
6598320135 Fax --
Technical Contact:
Wang, Chardy [email protected]
15 Upper Boon Keng Rd
#12-10-1063
Singapore 380015
Singapore
6598320135 Fax --

Domain servers in listed order:
NS1.USINGMAC.ORG
NS2.USINGMAC.ORG




Domain name: FLASHCUBICLE.COM

Administrative Contact:
Wang, Chardy [email protected]
Nanyang Crescent
#12-1063
nanyang
Singapore, SG 580015
SG
+65.98320135
Technical Contact:
Wang, Chardy [email protected]
Nanyang Crescent
#12-1063
Nanyang
Singapore, SG 580015
SG
+65.98320135


Registrar of Record: TUCOWS, INC.
Record last updated on 07-Dec-2004.
Record expires on 27-Nov-2005.
Record created on 27-Nov-2004.

Domain servers in listed order:
NS1.USINGMAC.ORG
NS2.USINGMAC.ORG



-----------------------------------------------------

If you go to ALIENFAKE.COM you will see mister Wang has been playing with some kind of a hacking script that targets PHPBB boards. He signed up several times for my board today, but luckily I have been revamping and improving my board, and happened to catch him!

Alienfake.com was registered 3 days ago, so it was not an existing board that got hacked, but rather a TESTING GROUND for whatever malicious scripts MR CHURDY WANG has been developing.

I have disabled user activations now, so anybody attempting to join my forum will have to be approved by me first. I am sorry for this inconvenience, but it is a necessary action. I have also banned all webmail accounts, and blacklisted his IP.

If you run a PHPBB, take a second to secure it the best you can from this guy! :Oh crap

facialfreak 04-01-2005 02:16 AM

HOLY SHIT !!!

It appears CHARDY WANG aka AVANLUXIA has registered at more than 500 PHPBB boards !!! Looks like he planned/plans on taking them ALL down !!!! :(

http://www.google.com/search?q=avanluxia

facialfreak 04-01-2005 02:27 AM

All registrations appear to be within the past couple days too!

something really big is going on here :(
Maybe I need to phone the authorities in Singapore and have them visit this guy?!?

I hope police in Singapore speak English :(

A lot of people's hard work and efforts are at stake here!

Love Brokers 04-01-2005 02:35 AM

Quote:

Originally Posted by facialfreak
All registrations appear to be within the past couple days too!

something really big is going on here :(
Maybe I need to phone the authorities in Singapore and have them visit this guy?!?

I hope police in Singapore speak English :(

A lot of people's hard work and efforts are at stake here!

You bet your ass they speakin zee Englich in Singapoor. :thumbsup

jonpotz 04-01-2005 02:35 AM

are you guys using phpBB 2.0.11?

i didn't see anything abnormal, but i changed my registration admin to be safe.

what tha deal?

facialfreak 04-01-2005 02:39 AM

Upon more digging, I found his hacker name is YUDHAX, and his tag line is MAKE LOVE NOT W@R ... he has already hacked/defaced several boards

http://www.google.com/search?q=YudhaX

another known email address is [email protected]

xclusive 04-01-2005 02:43 AM

oh this could be big:(

SmokeyTheBear 04-01-2005 02:57 AM

This is an old exploit on unpatched boards. I can tell you the exact line to patch if you're not upgraded.

SmokeyTheBear 04-01-2005 02:59 AM

phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to release a new version in such a short period of time.
Fortunately both fixes are easy and in each case just one line needs to be edited.

The first issue is critical (session handling allowing everyone gaining administrator rights) and we urge you to fix it on your forums as soon as possible:

Open includes/sessions.php

Find:
Code:
if( $sessiondata['autologinid'] == $auto_login_key )

Replace with:
Code:
if( $sessiondata['autologinid'] === $auto_login_key )



A second minor issue reported to bugtraq several days ago was the path disclosure bug in viewtopic.php which got fixed by applying the following steps:

Open viewtopic.php

Find:
Code:
$message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));

Replace with:
Code:
$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
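Added example (not part of the thread or of phpBB): a small checker for board owners who are unsure whether their copy of includes/sessions.php still carries the loose `==` comparison or the strict `===` from the fix quoted above. The function names and sample snippets are constructed for illustration; the script only reads a file you point it at.

```python
import re
import sys

# The autologinid comparison quoted in the announcement, tolerant of
# whitespace and quote style; "op" captures which operator is used.
CHECK_RE = re.compile(
    r"""\$sessiondata\s*\[\s*['"]autologinid['"]\s*\]\s*
        (?P<op>===|==)\s*\$auto_login_key""",
    re.VERBOSE,
)


def strip_comments(src):
    """Drop PHP comments so a commented-out old line is not counted."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)   # /* block */
    src = re.sub(r"//[^\n]*", "", src)                # // line
    return re.sub(r"(?m)^\s*#[^\n]*", "", src)        # full-line # comment


def classify(src):
    """Return 'patched', 'unpatched' or 'not-found' for sessions.php text."""
    ops = [m.group("op") for m in CHECK_RE.finditer(strip_comments(src))]
    if not ops:
        return "not-found"   # file differs from the 2.0.x line; review by hand
    return "patched" if all(op == "===" for op in ops) else "unpatched"


# Constructed sample inputs (not copied from a real installation).
UNPATCHED = """<?php
if( $sessiondata['autologinid'] == $auto_login_key )
{
"""

PATCHED_WITH_OLD_COMMENT = """<?php
// old: if( $sessiondata['autologinid'] == $auto_login_key )
if ( $sessiondata['autologinid']===$auto_login_key )
{
"""

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_sessions.py /path/to/includes/sessions.php")
    with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
        result = classify(fh.read())
    print(result)
    # Exit status: 0 patched, 1 unpatched, 2 comparison not found.
    sys.exit({"patched": 0, "unpatched": 1, "not-found": 2}[result])
```

A result of `not-found` means the file does not contain the line from the announcement at all, so compare the installed version against the phpBB release notes instead of assuming it is safe.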

facialfreak 04-01-2005 03:00 AM

I am not sure if I am or not STB, as my PHPBB is supplied by my host.

could you please post it here, or email me ff AT gamarays DOT com

Thank you

facialfreak 04-01-2005 03:01 AM

ok ... Singapore police number right from their website is 6 353 0000

is 6 the country code?
Does somebody know the proper dialing instructions for Singapore?

facialfreak 04-01-2005 03:02 AM

thanks STB!

SmokeyTheBear 04-01-2005 03:02 AM

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=267563

SmokeyTheBear 04-01-2005 03:03 AM

Quote:

Originally Posted by facialfreak
ok ... Singapore police number right from their website is 6 353 0000

is 6 the country code?
Does somebody know the proper dialing instructions for Singapore?

it would usually be something like 011-6-353-0000

try this
http://www.ustreas.gov/usss/net_intrusion_forms.shtml

SMG 04-01-2005 03:04 AM

churdy wang ... sounds kinda like what "dirty wang" would be like if it was said by someone with shit in his mouth

theFeTiShLaDy 04-01-2005 03:15 AM

posting this here facialfreak alerts all the board owners.

so to all board owners better to do some actions now before it's too late.

facialfreak 04-01-2005 03:18 AM

Quote:

Originally Posted by theFeTiShLaDy
posting this here facialfreak alerts all the board owners.

so to all board owners better to do some actions now before it's too late.

I agree!

But with this much damning info on him, I think the local Singapore constabulary should pay Mr Dirty Wang a visit ... :pimp


All times are GMT -7.