1
ThePlague
Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:11

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


Yesterday we were held hostage by a hacker. Here is what happened.

He registered an account with an anonymous email address. Then he made some posts and logged out.

He was not even logged in and he was able to change user names, edit posts, and strip away admin rights within forums. He was able to edit posts within seconds after they were made. Even in private forums.

What we need to know, is how is this possible? The system was totaly secure so I thought. We had the latest patches installed. How can someone hack our system in such a way?

I am a fairly decent systems guy, and a good student of the game, and I could not figure it out. So any help is greatly appreciated.

2
highlander
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:18

  • highlander

  • Not too shy to talk

  • Posts: 151

  • Since: 2004/12/5


You'll need to go through the accesslogs for yesterday. I believe this is the only way to retrace this persons steps.

Let us know if you find anything.!!

greetings Highlander
So, I'm in the park wondering why frisbees get larger as they get closer when suddenly, it hits me...
http://www.AnimalPedigree.com

3
davidl2
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:37

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


Which XOOPS version are you using?

4
ThePlague
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:40

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


We are using XOOPS 2.0

5
ThePlague
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:42

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


How do I get to the access logs? Looking theough the menu's I do not see access logs.

6
ThePlague
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:47

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


If you are speaking of the unix access logs, as in when you log into the system... This site is hosted on yahoo, and I doubt they will be willing to give up their logs for me to review.

Yahoo themselves have not been very helpful either other than saying we should make daily backups (Duh.. We already knew that one)..

7
kaotik
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 12:52

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


which version are you using for forum? newbb, newbb2, cbb...?

8
ThePlague
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 13:00

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


we are using newbb

9
Jan304
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 13:12

  • Jan304

  • Official Support Member

  • Posts: 520

  • Since: 2002/3/31


Quote:
We are using XOOPS 2.0


More specific please, we know nothing with just the head version number...

Quote:
If you are speaking of the unix access logs, as in when you log into the system... This site is hosted on yahoo, and I doubt they will be willing to give up their logs for me to review.


If your host is unwilling to give you those files, I would advise you to change host. My site is hosted on a shared server, and even I can access at any time with Putty the log files.

Hope this helps you a bit
Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

10
ThePlague
Re: Our Site Was Hacked - We need to know how..
  • 2005/9/21 13:18

  • ThePlague

  • Just popping in

  • Posts: 21

  • Since: 2005/6/27


Xoops 2.1.10 is the actual running version on our server.

Login

Who's Online

481 user(s) are online (370 user(s) are browsing Support Forums)


Members: 0


Guests: 481


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits