1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

phpBB forum seems to have been hacked!

Discussion in 'phpBB' started by kentuckyslone, May 4, 2008.

  1. #1
    When I go to any url within my forum all I get is a blank white page.

    I checked in phpMyAdmin and see that there are 6 table in the dB. I think there are supposed to be more.

    Has nayone else seen this happen OR do you know how many tables should be in the dB?
    SEMrush
     
    kentuckyslone, May 4, 2008 IP
    SEMrush
  2. BlueEew

    BlueEew Well-Known Member

    Messages:
    2,435
    Likes Received:
    79
    Best Answers:
    1
    Trophy Points:
    150
    #2
    I am positive there are more then six tabels.
     
    BlueEew, May 4, 2008 IP
    kentuckyslone likes this.
  3. GRIM

    GRIM Prominent Member

    Messages:
    12,638
    Likes Received:
    733
    Best Answers:
    0
    Trophy Points:
    360
    #3
    I see you have another item you think was hacked.

    Are both of these on the same server? If so is it your server or shared? It sounds a lot like a hard drive full issue 'might not be' but I've had it happen before. When the script tries to write to the database since the hd is full it zeros out.
     
    GRIM, May 4, 2008 IP
    kentuckyslone likes this.
  4. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #4
    I have had this happen to two different sections of the site. The WP and phpBB are run in separate folders. I have looked at a lot of the files and cannot find anything that looks amiss.

    With both scripts certain tables from the dB have been deleted.

    On the WP site it was the comments, links and posts. If this was a problem due to drive full issue it probably wouldn't have been so dead accurate on the particular tables that would cause the most harm.

    On the phpBB section I haven't figured out the problem yet, but since I see only 6 tables I am suspecting that the same thing has occurred here.

    EDIT -- I just restored a dB backup and can now say that there are supposed to be 62 tables in the dB for phpBB. The forum is still coming up a blank white page :mad:
     
    kentuckyslone, May 4, 2008 IP
  5. BlueEew

    BlueEew Well-Known Member

    Messages:
    2,435
    Likes Received:
    79
    Best Answers:
    1
    Trophy Points:
    150
    #5
    Is the config.php page correct?
     
    BlueEew, May 4, 2008 IP
  6. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #6

    Yes, it looks normal
     
    kentuckyslone, May 4, 2008 IP
  7. BlueEew

    BlueEew Well-Known Member

    Messages:
    2,435
    Likes Received:
    79
    Best Answers:
    1
    Trophy Points:
    150
    #7
    Maybe if you install the software again, then restore the database using mySQL dump? That should work. :D

    Wait and see what others say first though.
     
    BlueEew, May 4, 2008 IP
  8. RectangleMan

    RectangleMan Notable Member

    Messages:
    2,825
    Likes Received:
    131
    Best Answers:
    0
    Trophy Points:
    210
    #8
    Did you bother to read this? He actually knows what he is talking about. If the partition where your DB gets full Mysql goes ape and crashes...tables can be completely destroyed.

    Do you have ssh? Run a du -h in console and see what the drive has left on the partition where you store your mysql. Certain hosts use temporary tables that can build up into the GB's of data and within weeks fill a partition.
     
    RectangleMan, May 5, 2008 IP
    kentuckyslone likes this.
  9. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #9

    Yes, I actually did read his post. Did you read my post where I replied to what he said?

    Thanks for the advice GRIM and Rectangleman, I will contact my host and see what I can find out.

    This blog has been going for more than a year, the forum was started in January of 08.

    What is a du -h in console?
     
    kentuckyslone, May 5, 2008 IP
  10. GRIM

    GRIM Prominent Member

    Messages:
    12,638
    Likes Received:
    733
    Best Answers:
    0
    Trophy Points:
    360
    #10
    du commands are for showing Disk usage
     
    GRIM, May 5, 2008 IP
  11. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    130
    #11
    What version of PhpBB?
     
    Jackuul, May 5, 2008 IP
  12. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #12
    I am using version 3.0.0
     
    kentuckyslone, May 5, 2008 IP
  13. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    130
    #13
    3.0.1 is the latest >.>
     
    Jackuul, May 5, 2008 IP
  14. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #14
    Yeah, you are correct.

    I just discovered a very long list of porno urls and image links (none of this showed up on the blog as far as I could see) the urls used were bettasearch . com in a backup of the database I did on my WP blog. I thnk this is related - too much coincidence

    http://forums.digitalpoint.com/showthread.php?p=7657446
     
    kentuckyslone, May 5, 2008 IP
  15. Lpspider

    Lpspider Well-Known Member

    Messages:
    2,217
    Likes Received:
    56
    Best Answers:
    0
    Trophy Points:
    160
    #15
    No offense, but what do you expect with phpBB?
     
    Lpspider, May 5, 2008 IP
  16. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    130
    #16
    You can take that opinion and shove it.

    phpBB is fine as long as you keep it updated, and it is open source. I'd rather maintain my forums without paying out the colon for a forum that is not open source, and bugfixed like phpBB.
     
    Jackuul, May 5, 2008 IP
  17. kentuckyslone

    kentuckyslone Notable Member

    Messages:
    4,371
    Likes Received:
    367
    Best Answers:
    0
    Trophy Points:
    205
    #17

    Yeah, I think it is a great platform. Whatever happened here wasnt just because of phpBB. Remember, there were two other scripts (WP and phplist) that were hit too.

    I learned a hard lesson - back up more often!
     
    kentuckyslone, May 5, 2008 IP
  18. GRIM

    GRIM Prominent Member

    Messages:
    12,638
    Likes Received:
    733
    Best Answers:
    0
    Trophy Points:
    360
    #18
    Did you check on drive space?

    I find it way too convenient that 3 different programs had the same thing happen, does not sound like a hack, unless all 3 had the same security flaw 'which I doubt' or your server was hacked, but why would they just want to empty out a few tables?

    Sounds like a hd issue to me, no matter what a host says or does not say.
     
    GRIM, May 5, 2008 IP
  19. avtomat

    avtomat Banned

    Messages:
    69
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #19
    I am considering using SMF.
    It is very irritating to update phpBB after you have modified it with a lot of hacks.
     
    avtomat, May 5, 2008 IP
  20. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    130
    #20
    The automatic updater seems to do fine even with hacks.
     
    Jackuul, May 5, 2008 IP