The forum of the forums
Would you like to react to this message? Create an account in a few clicks or log in to continue.

Forum hacked with sig script help

4 posters

Go down

Forum hacked with sig script help Empty Forum hacked with sig script help

Post by tozol July 12th 2011, 13:33

Hi guys,

Logged on this morning to my forum after users reported problems,
And sure enough, got this dam stupid hack, the last 3 new members had caused a hack were a " stupid nano cat" thing popped up.

I have done my best through admin panels, to remove and ban the users responsible.

However a weird anomaly has me worried, when I now go in to remove the now" guest" posts they made, it logs me out and asks for my password.

So can anyone give me some ideas, on " have I done the right thing to clean up" how do I make sure it's been sorted properly.
And how do I get rid of there guest posts now in the forum.

Thanks

Toz


EDIT

Ok guys,
update, and something i can't fix,

Right now, I have narrowed it down to 3 new members, which I found a load of sig stuff that made the stupid hack appear whenever you entered a post or thread they were in.

Now solution, I then banned each user, went into admin, removed the sig stuff in each one, and then banned/removed them.
BUT, and here is the problem, I now see only "guest" were they posted, so now I'm trying to remove them.
But , I can delete "some" of them, but on some of the threads, when you enter them, it asked for your password, which of course I don't want to do.

Members are reporting the same thing about logging in.

One more weird anomaly, in my admin panel I notice this....
(Forbidden user name ) (Username Guest is forbidden)

Which is stopping me deleting the rest of the "guest"posts.

my forum is at....
http://crankygamersuk.forumotion.net/

Guys, could do with a bit of help, first on how to get rid of these guest posts, and really need to know why its asking for folks to reenter there passwords.

cheers
avatar
tozol
Forumember

Male Posts : 32
Reputation : 1
Language : english

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by tozol July 12th 2011, 15:34

OK Update.

We got an email from the "supposed " hacker, actually telling us to just disable HTML, and told us to stop using formulation.

now, this did fix it.this allowed us back in to finally delete all the now "guest"

the massive worry for me, this last hacker actually got into admin, and only quick thinking by me stopped him and deleted him.

now the only way this was possible in my eyes, was what I said earlier, when clicking the posts, it looked like it logged us out, and then re-enter passwords, that is how this person then must have got in to be an admin.

Luckily I dont think the damage was big, I have now made sure that I have updated to a proper password.

The very big thing to note, when this so called "hack" was going on, I noticed at the last minute what looked like much tabbed windows upon windows, that was when I realized something was wrong.

I would really like an admin reply here, as to whats happened, and what can be down to stop it.
This is not good he got in to admin, if the HTML dissallow has fixed it then great, but folks need to be aware.

And before anyone says its someone who knows you, I'm the only admin on it, and have been since the start.


ONE final thing....

someone please at least answer me, how can we stop this HTML problem??, and ill tell you why.

OK disabling has stopped our problem, but , it has had a very big effect on my forum, example.
we have a podcast, with a player that is HTML generated, so there is one problem
another signatures, some have HTML.

What I"m getting at here, is , surely there must be a fix to get round this problem, as we need html, but clearly it's open to attacks like this.

Help??



Last edited by tozol on July 12th 2011, 18:17; edited 1 time in total
avatar
tozol
Forumember

Male Posts : 32
Reputation : 1
Language : english

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by Sanket July 12th 2011, 18:05

Well you already know what happened.

A person who has no life, just posted a buggy code which caused the problem. The best is to disabling html on your forum, whenever this happens. Sometimes, disabling the bbcode is required too.
Sanket
Sanket
ForumGuru

Male Posts : 48766
Reputation : 2830
Language : English
Location : Mumbai

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by tozol July 12th 2011, 18:18

Sanket wrote:Well you already know what happened.

A person who has no life, just posted a buggy code which caused the problem. The best is to disabling html on your forum, whenever this happens. Sometimes, disabling the bbcode is required too.

Thanks to the reply
But as you can see from my last edit, we need HTML for important things, how do we sort this out, or can we.?
avatar
tozol
Forumember

Male Posts : 32
Reputation : 1
Language : english

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by SLGray July 13th 2011, 04:00

You turn html amd bb codes off to remove the problem. When you removed all of the problem, you turn the codes back on.


Forum hacked with sig script help Slgray10

When your topic has been solved, ensure you mark the topic solved.
Never post your email in public.
SLGray
SLGray
Administrator
Administrator

Male Posts : 51463
Reputation : 3519
Language : English
Location : United States

https://forumsclub.com/gc/128-link-directory/

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by tozol July 13th 2011, 04:03

slg wrote:You turn html amd bb codes off to remove the problem. When you removed all of the problem, you turn the codes back on.

thanks for the reply, but not to sound stupid..why would I do that, so they can just come back and do it again.?
It would turn in to a running battle of never ending clean up.
avatar
tozol
Forumember

Male Posts : 32
Reputation : 1
Language : english

Back to top Go down

Forum hacked with sig script help Empty Re: Forum hacked with sig script help

Post by sign da tits July 13th 2011, 04:14

tozol wrote:
slg wrote:You turn html amd bb codes off to remove the problem. When you removed all of the problem, you turn the codes back on.

thanks for the reply, but not to sound stupid..why would I do that, so they can just come back and do it again.?
It would turn in to a running battle of never ending clean up.
Well, considering a lot of sites are vulnerable to XSS or SQL or other variations of languages, then the only thing to do is to ban the IP of the user, if the person is untraceable then search around.
sign da tits
sign da tits
Forumember

Male Posts : 236
Reputation : 30
Language : British English, AutoIt
Location : England!

http://www.devforumz.com/

Back to top Go down

Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum