My PHPBB forum was hacked tonite. Banned the entire user list and sent out an obscene email to several thousand friends. How nice. I’ve done some damage control, but anyone know how to fix this stuff? I don’t have the time or energy to learn about repairing hacked PHPBB forums.
Resources
Search
Archives
Categories
Meta
You’re forgiven. Who ever did this to your board is not.
Only person I know of who may have some experience fixing a hacked php board would be Simon Dabkowski at livemotionstudios.com. His LiveMotion forum was hacked about 6 months ago, but I forget what actions he took. His board is here:
http://www.livemotionstudio.com/forums
Don’t know if that helps any – hope so.
That really sucks. If it’s any consolation, I didn’t get one because we’re in the middle of fine-tuning our server-side spam filters….I haven’t been getting much of any mail today.
Ok, Now, i understand why .
I was surprised to receive an email with such a poetic message…
Those PHPBB hackers should try something more interseting, their gamme really sucks
I was a bit taken aback by the lovely email sent to me this morning… but no worries mate – hopefully you haven’t lost any valuable info and can get the forums back up easily enough.
Puuh….I?m so glad to read this. First, I thought You?ve found out about me and your wife……:))
No sorry….just making (stupid) jokes. I hope, you?ll get it fixed.
And thanks again for all the Inspiration.
Damn those script monkeys
It could have been the
“phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit”
2.06 had some security issues I believe.
you may need the http://starfoxtj.no-ip.com/phpbb/toolkit/
to edit your board outside phpbb admin interface and regain control.
then back up your db, examine, then delete current phpbb and install phpbb 2.11 as it is (supposedly) secure.
good luck
And I thought you were pissed that I bought your CD… LOL 🙂
You are forgiven, my friend!
Gee Whiz, and I here I thought you were tired of getting hit on 🙂
Hope you are able to recover without too much hassle.
Keith… The easiest way of solving the problem is to get the database backup and download the newest copy from the phpBB site and install the fresh copy… and update the database afterwards…
That should take care of most of your problem if you did not add much MODs to the board…
Jason
I’m trully sorry for what happened. I just started to read the forum a few days ago and seeing this today really makes me angry.
Hope you get to fix it.
Regards, and thanks for all the info posted in the forum.
Whew!….. thought I made the KP hit list! Sorry to hear some script kiddies screwed things up. Hope you get things up and running again soon!
Hi Keith,
We got our board hacked too. The vulnerability in phpBB is fixed here:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240636
In our case they used it as a backdoor into our main site and put a message on the front page.
To make sure, we are flattening all the boxes for the site and rebulding them.
Hope you get the board fixed.