PHPBB.COM Hacked!

  • bbott1982
  • Proficient
  • Joined: May 22, 2004
  • Posts: 320
  • Loc: NJ, USA
  • Status: Offline

Post February 6th, 2005, 10:48 pm

Phpbb.com has been hacked! They claim there are no security holes in the current PHPBB - guess they were just unlucky... I'll keep everyone updated for further details! :shock:
Link Lasso Web Directory | Webmaster Forums
  • snicksnack
  • Beginner
  • Joined: Feb 06, 2005
  • Posts: 35
  • Loc: China
  • Status: Offline

Post February 6th, 2005, 11:08 pm

Too bad. I cannot understand why some hackers need to destroy other people's work.
  • bbott1982
  • Proficient
  • Joined: May 22, 2004
  • Posts: 320
  • Loc: NJ, USA
  • Status: Offline

Post February 6th, 2005, 11:18 pm

snicksnack wrote:
Too bad. I cannot understand why some hackers need to destroy other people's work.


Agreed... It's a shame. :evil:
Link Lasso Web Directory | Webmaster Forums
  • meman
  • Web Master
  • Joined: Aug 03, 2004
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap
  • Status: Offline

Post February 7th, 2005, 12:11 am

Quote:
At present http://www.phpbb.com is offline due to a group of politically motivated hackers wishing to use an opensource project to push their agenda ... shame on them.

I will take this opportunity to note that given currently available information this hacking episode does not appear to be due to phpBB itself. Instead a third party application looks to have been the problem. Other sites were attacked at the same time as http://www.phpbb.com by the same group displaying the same information and in these cases the same third party application has been suggested as the common factor (thus far). Equally we are not aware of any other phpBB boards being attacked and we have not been notified of any valid security issues recently. Obviously we will have more details when we've reviewed just what happened.


There are no major security holes in 2.0.11; the hack was on either the server itself or another piece of software they were using.
GodBeGone - Atheist Blog
  • Miss_Bee
  • Guru
  • Joined: Mar 29, 2004
  • Posts: 1307
  • Loc: Eagle Vale, Sydney (Campbo Chickadee)
  • Status: Offline

Post February 7th, 2005, 1:29 pm

And here they were practically demanding anyone using any phpbb forum less than 2.0.11 had better upgrade in case of being hacked
Love always,
Bee xxx
Parents Escape
  • UNFLUX
  • Genius
  • Joined: Dec 20, 2002
  • Posts: 6382
  • Loc: twitter.com/unflux
  • Status: Offline

Post February 7th, 2005, 1:34 pm

I seriously doubt it was the board itself that was crashed like that. They were demanding it because of the worms and other various hacks out there running rampant. I tend to think it was some of the other parts of their site that were exploited in this case.

as one example: http://www.google.com/search?hl=en&lr=& ... tnG=Search
UNFLUX.FOTO
  • ATNO/TW
  • Super Moderator
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post February 7th, 2005, 1:34 pm

Graham posted a note at the area51 developers board yesterday morning and stated that it was not due to phpBB as best as they were able to tell at that time.
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
  • meman
  • Web Master
  • Joined: Aug 03, 2004
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap
  • Status: Offline

Post February 7th, 2005, 1:38 pm

I thought it might have been the MS SQL exploit that's used by the worm, but phpbb.com runs on Linux/Apache.

Does anyone know what the "politically motivated hackers" message was?
GodBeGone - Atheist Blog
  • daniel.g.wood
  • Proficient
  • Joined: Oct 13, 2004
  • Posts: 250
  • Loc: England
  • Status: Offline

Post February 7th, 2005, 5:51 pm

I doubt it was the board itself too... very well written.

Dunno as to the hackers' message.
  • ATNO/TW
  • Super Moderator
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post February 7th, 2005, 6:11 pm

The message at the main page has been updated:
http://www.phpbb.com

Looks like a possible vulnerability in AWSTATS.

Looks like this one may be a good idea to keep tabs on, particularly for Linux hosts using AWSTATS.
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
  • meman
  • Web Master
  • Joined: Aug 03, 2004
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap
  • Status: Offline

Post February 7th, 2005, 8:15 pm

Quote:
Warning, a security hole was recently found in AWStats versions from 5.0 to 6.2 when AWStats is used as a CGI: A remote user can execute arbitrary commands on your server using permissions of your web server user (in most cases user "nobody").
If you use AWStats with another version or with option AllowToUpdateStatsFromBrowser set to 0, you are safe. If not, it is highly recommended to update to version 6.3, which fixes this security hole.

http://www.awstats.org/
GodBeGone - Atheist Blog
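
The criteria in the AWStats notice quoted above, turned into a host check (an added example, not part of the thread and not AWStats code). It assumes the operator supplies the installed version string and the text of the site's AWStats config file; the status names, the "last assignment wins" rule and the sample config are constructed for illustration, and a missing directive is flagged for review rather than assumed safe.

```python
import re

# Affected range and option name as quoted in the notice above.
VULN_MIN, VULN_MAX = (5, 0), (6, 2)
OPTION = "AllowToUpdateStatsFromBrowser"

def parse_version(text):
    """Return (major, minor) from a string such as '6.2' or '6.2 (build x)'."""
    m = re.match(r"\s*(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2))

def read_option(conf_text, name=OPTION):
    """Return the value assigned to `name`, or None if it is never set.
    Assumption: '#' starts a comment and the last assignment wins."""
    value = None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, val = line.split("=", 1)
        if key.strip() == name:
            value = val.strip().strip('"')
    return value

def assess(version_text, conf_text, used_as_cgi=True):
    """Classify one AWStats install against the notice's stated criteria."""
    if not (VULN_MIN <= parse_version(version_text) <= VULN_MAX):
        return "NOT_AFFECTED"      # outside 5.0 to 6.2
    if not used_as_cgi:
        return "NOT_AFFECTED"      # notice applies to CGI use only
    opt = read_option(conf_text)
    if opt is None:
        return "REVIEW"            # directive absent: check by hand
    if opt == "0":
        return "MITIGATED"         # notice's stated workaround
    return "EXPOSED"               # notice recommends updating to 6.3

# Constructed sample config, not taken from any real host.
SAMPLE_CONF = """\
# awstats.example.conf (constructed)
LogFile="/var/log/httpd/access_log"
#AllowToUpdateStatsFromBrowser=0
AllowToUpdateStatsFromBrowser=1
"""

if __name__ == "__main__":
    for ver in ("6.2", "6.3"):
        print(ver, assess(ver, SAMPLE_CONF))
```
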
  • meman
  • Web Master
  • Joined: Aug 03, 2004
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap
  • Status: Offline

Post February 9th, 2005, 1:32 pm

I don't know if anyone is interested, but zone-h have a mirror of what the hack group (simiens) had to say on the phpbb site.
http://www.zone-h.org/defacements/mirror/id=2050456/
GodBeGone - Atheist Blog
  • ATNO/TW
  • Super Moderator
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post February 9th, 2005, 1:53 pm

That was intelligent *lol

sidenote - the message was updated at phpbb.com earlier today.
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
  • ATNO/TW
  • Super Moderator
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post February 11th, 2005, 9:53 am

New update today. Looks like they'll be back today or tomorrow:
http://www.phpbb.com/
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
  • ATNO/TW
  • Super Moderator
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post February 11th, 2005, 7:06 pm

phpbb.com is back online.
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.