Getting hacked

Has anyone ever received an email such as this one:

THIS FORUM HACKED BY TURKISH HACKER ENO7 Inbox

HACKED BY TURKISH HACKER ENO7 <info@surfingsandiego.com> to mike
More options Jul 2 (14 hours ago)

THIS FORUM HACKED BY TURKISH HACKER ENO7.

http://www.surfingsandiego.com/forum/ This forum has some security bugs i didnt erase anything... WARNED BY ENO7

---------------------------------------------------------------------------------------
Software provided by Web Wiz Forums version 7.9 - http://www.webwizforums.com
Free ASP Bulletin Board System - Download your free copy today!

 

no but i have heard of this type of email. it is more of a nice little note letting you know that the forum script that you are using is vulnerable. i would suggest updating the software if an update has been provided or swapping to another more secure script.

lucky it wasnt a black hat kiddie script or you would have lost all of your forum data.

good luck.

 

Being the weekend, if you run into any problems getting the script updated, I would get into the habit of pulling a data backup frequently.

Only data since if a 'corrupted' file is installed when hacked, you don't want to reinstall from a backup, use a fresh install with the latest software.

BTW, have you forwarded the email to the forum script maker?

later,

tom

 

Is that the exact url they sent you? You should look at the source code of the url in the email, make sure they aren't trying to steal your cookies.

The only recent exploits I see are only for version 7.8, not 7.9, and they are just cross site scripting, and they don't work on 7.9 (tried the java alert box test).

It seems to me, if someone was legitimately out to warn you, they would have given you details of the exploit, not just said "I hacked your forum, it had some bugs, don't worry."

If you can, get the IP from the email, look through your web logs, see what that IP did. Or just generally see if anything strange is sent to your forum, or if anyone had access to admin areas. I would thoroughly check this out.

He could be looking for money. He could be messing with you. He could have legitimately found a hole, but why doesn't he give details on it?

 

http://www.google.com.tr/search?q=H...ient=firefox-a&rls=org.mozilla:tr-TR:official

 

wow ... well at least I don't feel singled out

 

that's some nice ascii on the lesbian247 site. =)

I googled it, but didn't find anything, perhaps I just needed to use the turkish google. =)

 

You know, this is almost funny but: the hacker went into our forum and posted ... then we secured it. Then one of the members started cursing him out, so the hacker went back in and banned the guy who cursed him.

 

There is same topic... i research him and i surprised look that link...

http://forums.digitalpoint.com/showthread.php?goto=newpost&t=21132

 

I wish all the hackers were as nice as this one

 

He also got a local anime forum I'm a member of. He doesn't seem to do much damage, just trying to make a name for himself (like SarahK said, "Fame and glory!"). Then again, it could be a smokescreen... :/

 

i wish too justice

 

Well a few years ago i have managed to find that phpbb MD5 id exploit, when it first been posted. I warned a few admins myself with similar emails. Obviously not "Im the evil script kiddy Hax3r, be warned!"

 

LoL. Dont look like hes so nice. Just makin a name for himself.

 

Hacks can get ugly...I've had a server hacked by guys like this.