phpBB hacker warning

Posted: 22/12/2004 - 17:18
by Matrix
Back up your files, this was posted on the yabb boards today:

http://www.boardmod.org/yabb/YaBB.pl?bo ... 1103713201
Well everyone, here's yet another reason to be glad you're using YaBB instead of phpBB. A hacker has been searching for sites that contain the words "Powered by phpBB", and hacking into the sites using some sort of exploit that was included in certain versions of phpBB. They hacked the main site on whose server my site resides. Luckily, it appears that the hacker isn't extremely malicious, they are simply a jerk. All they did was add three files to our server, and didn't actually damage any of the site's content. They added index.htm, index.html and index.php, which all contained simply "IR4DEX OWNZ YOU". Since we currently use SSI, our index file was called index.shtml anyway, so all I had to do was delete the three new files, and everything went back to normal.

Posted: 22/12/2004 - 17:27
by merman
This happened to the ZZAP! forum recently and they are trying to get a backup restored...

Posted: 22/12/2004 - 22:15
by C64GLeN

Powered by phpBB 2.0.3
I believe this version is at risk

Posted: 22/12/2004 - 22:41
by C64GLeN

Posted: 23/12/2004 - 14:21
by LMan
Tom Detert told me about the exploit a few weeks ago; I patched that part of the code back then (which in turn caused the "highlight" bug). :)

Posted: 23/12/2004 - 15:59
by Matrix
ok, well, just a thought, long as ur ready i guess.....

Posted: 23/12/2004 - 16:58
by tas
This happened to a footy forum I belong to as well. Caused a few headaches but that's all.

Posted: 23/12/2004 - 18:35
by LMan
Matrix wrote: ok, well, just a thought, long as ur ready i guess.....
Don't get me wrong, I appreciate any such reports/warnings. Thanks m8ey :)

Posted: 05/01/2005 - 15:40
by LMan
I've upgraded phpBB to 2.0.11, just to make sure. :)