1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Getting hacked

Discussion in 'Forum Management' started by Blogmaster, Jul 3, 2005.

  1. #1
    Has anyone ever received an email such as this one:

    THIS FORUM HACKED BY TURKISH HACKER ENO7 Inbox

    HACKED BY TURKISH HACKER ENO7 <info@surfingsandiego.com> to mike
    More options Jul 2 (14 hours ago)

    THIS FORUM HACKED BY TURKISH HACKER ENO7.
    SEMrush
    http://www.surfingsandiego.com/forum/ This forum has some security bugs i didnt erase anything... WARNED BY ENO7

    ---------------------------------------------------------------------------------------
    Software provided by Web Wiz Forums version 7.9 - http://www.webwizforums.com
    Free ASP Bulletin Board System - Download your free copy today!
     
    Blogmaster, Jul 3, 2005 IP
    SEMrush
  2. Juls

    Juls Well-Known Member

    Messages:
    1,867
    Likes Received:
    62
    Best Answers:
    0
    Trophy Points:
    170
    #2
    no but i have heard of this type of email. it is more of a nice little note letting you know that the forum script that you are using is vulnerable. i would suggest updating the software if an update has been provided or swapping to another more secure script.

    lucky it wasnt a black hat kiddie script or you would have lost all of your forum data.

    good luck.
     
    Juls, Jul 3, 2005 IP
  3. TommyD

    TommyD Peon

    Messages:
    1,397
    Likes Received:
    76
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Being the weekend, if you run into any problems getting the script updated, I would get into the habit of pulling a data backup frequently.

    Only data since if a 'corrupted' file is installed when hacked, you don't want to reinstall from a backup, use a fresh install with the latest software.

    BTW, have you forwarded the email to the forum script maker?

    later,

    tom
     
    TommyD, Jul 3, 2005 IP
  4. nddb

    nddb Peon

    Messages:
    803
    Likes Received:
    30
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Is that the exact url they sent you? You should look at the source code of the url in the email, make sure they aren't trying to steal your cookies.

    The only recent exploits I see are only for version 7.8, not 7.9, and they are just cross site scripting, and they don't work on 7.9 (tried the java alert box test).

    It seems to me, if someone was legitimately out to warn you, they would have given you details of the exploit, not just said "I hacked your forum, it had some bugs, don't worry."

    If you can, get the IP from the email, look through your web logs, see what that IP did. Or just generally see if anything strange is sent to your forum, or if anyone had access to admin areas. I would thoroughly check this out.

    He could be looking for money. He could be messing with you. He could have legitimately found a hole, but why doesn't he give details on it?
     
    nddb, Jul 3, 2005 IP
  5. Janissary

    Janissary Well-Known Member

    Messages:
    375
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    140
  6. Blogmaster

    Blogmaster Blood Type Dating Affiliate Manager

    Messages:
    25,918
    Likes Received:
    1,353
    Best Answers:
    0
    Trophy Points:
    380
    #6
    wow ... well at least I don't feel singled out :)
     
    Blogmaster, Jul 6, 2005 IP
  7. nddb

    nddb Peon

    Messages:
    803
    Likes Received:
    30
    Best Answers:
    0
    Trophy Points:
    0
    #7
    that's some nice ascii on the lesbian247 site. =)

    I googled it, but didn't find anything, perhaps I just needed to use the turkish google. =)
     
    nddb, Jul 6, 2005 IP
  8. Blogmaster

    Blogmaster Blood Type Dating Affiliate Manager

    Messages:
    25,918
    Likes Received:
    1,353
    Best Answers:
    0
    Trophy Points:
    380
    #8
    You know, this is almost funny but: the hacker went into our forum and posted ... then we secured it. Then one of the members started cursing him out, so the hacker went back in and banned the guy who cursed him.
     
    Blogmaster, Jul 12, 2005 IP
  9. santos

    santos Peon

    Messages:
    16
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    There is same topic... i research him and i surprised look that link...

    http://forums.digitalpoint.com/showthread.php?goto=newpost&t=21132
     
    santos, Jul 13, 2005 IP
  10. justicewhite

    justicewhite Well-Known Member

    Messages:
    240
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    138
    #10
    I wish all the hackers were as nice as this one :)
     
    justicewhite, Jul 14, 2005 IP
  11. relixx

    relixx Active Member

    Messages:
    948
    Likes Received:
    54
    Best Answers:
    0
    Trophy Points:
    70
    #11
    He also got a local anime forum I'm a member of. He doesn't seem to do much damage, just trying to make a name for himself (like SarahK said, "Fame and glory!"). Then again, it could be a smokescreen... :/
     
    relixx, Aug 8, 2005 IP
  12. SeNSe

    SeNSe Peon

    Messages:
    33
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #12
    i wish too justice :D:D
     
    SeNSe, Sep 11, 2005 IP
  13. mightyb

    mightyb Banned

    Messages:
    6,566
    Likes Received:
    405
    Best Answers:
    0
    Trophy Points:
    0
    #13
    Well a few years ago i have managed to find that phpbb MD5 id exploit, when it first been posted. I warned a few admins myself with similar emails. Obviously not "Im the evil script kiddy Hax3r, be warned!"
     
    mightyb, Sep 11, 2005 IP
  14. Cyptc

    Cyptc Peon

    Messages:
    153
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #14
    LoL. Dont look like hes so nice. Just makin a name for himself.
     
    Cyptc, Oct 10, 2005 IP
  15. WebGeek182

    WebGeek182 Active Member

    Messages:
    510
    Likes Received:
    28
    Best Answers:
    0
    Trophy Points:
    95
    #15
    Hacks can get ugly...I've had a server hacked by guys like this.
     
    WebGeek182, Mar 2, 2007 IP