#169854 12/07/2006 11:31 AM
Joined: Dec 2006
Posts: 7
N
stranger
Hi - wonder if someone can perhaps clear up how it was most likely someone managed to create a directory and subsequent URL etc on our messageboard.

It appeared in the /cron/ directory.

HTML markup was enabled and I am assuming this is the most likely way they achieved this malicious posting. Would this be correct as the easiest/only way in for them via UBB Threads?

Is there anything else I can do to protect the board and run checks to look for malicious content?

Any help is much appreciated.

thanks

Joined: Jun 2006
Posts: 9,242
Likes: 1
R
Former Developer
What version are you currently running? HTML enabled for users is generally a bad idea as it allows them to post things like javascript, however if you are running an earlier version it could have been one of the security issues that were patched up.

Running checks for malicious content, you'd probably want to look through each directory, if you go in by FTP you can order the file list by modification date so you can see what has been recently uploaded or changed.

Joined: Dec 2006
Posts: 7
N
stranger
Hello Rick - I am running 6.5.2

I now realise that HTML is a bad idea - I have to wonder if it is such a security risk why it was allowed at all as an option?

I have disabled html and will check directories regularly.

thanks for your help

Jeff

Joined: Jun 2006
Posts: 9,242
Likes: 1
R
Former Developer
If you can't upgrade to version 7 at the moment, I would recommend upgrading to 6.5.5 at the very least. 6.5.2 had a few exploits available that may have been used.

As for the HTML option. Since you can enable it on a per forum basis, some will do this for their admin/mod forums or on an intranet type site where all users are trusted.

Joined: Dec 2006
Posts: 7
N
stranger
Hi Rick

How can I tell if I am eligible for a free upgrade?

Joined: Jun 2006
Posts: 9,242
Likes: 1
R
Former Developer
If your members area access is current, then you'll be able to download the latest version. Basically if you have your license # and password then you can try logging into the members area.

Joined: Dec 2006
Posts: 7
N
stranger
Thanks - I can download the new version 7.02

Question, if I may? What will happen to all the posts in my current version (6.5.2)?

Do I need to download the importer "From UBB.threads 6.5.x" and will this do the job well?

There seems to be a note beneath that says:

Older Versions: 6.5.5
Note: Support for this version is limited, with the release of version 7.0. We provide this for upgrade purposes only.

Joined: Jun 2006
Posts: 9,242
Likes: 1
R
Former Developer
You'll want to follow these instructions.

Basically, you'd need to install version 7, and then you download the importer and you import all of your data into version 7. So all of your posts, users, etc. will be imported into the new version.

Joined: Dec 2006
Posts: 7
N
stranger
Hi again

I have found these files in my cron/ directory - I am assuming these are not part of the regular install of UBB Threads?
Can anyone confirm this please?


bot.txt
jz.php
mx.zip
coco.php

Joined: Jun 2006
Posts: 9,242
Likes: 1
R
Former Developer
No, those are definitely not part of the threads installation.

Joined: Dec 2003
Posts: 1,796
Pooh-Bah
Which means you'll need to check the other folders in your install for files that shouldn't be there.

If it were me I'd make a backup copy of my includes folder and delete the whole set of folders in your forum install (your data in your database will be safe). Those files could be anywhere in your site's folders.


- Allen
- ThreadsDev | PraiseCafe
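
The directory checks suggested in this thread (ordering files by modification date, and looking for files that are not part of the install) can be scripted. The following is an added example, not part of the original posts and not UBB.threads code; it assumes a clean, unpacked copy of the same release is available to compare against, and both directory arguments are hypothetical.

```python
import hashlib
import os
import sys
import time


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root):
    """Map each file's path relative to root to (SHA-256, mtime)."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            out[rel] = (sha256_of(full), os.path.getmtime(full))
    return out


def audit(install_root, clean_root, recent_days=30, now=None):
    """Compare a live install with a clean unpacked copy of the same release.

    Both directory arguments are assumptions of this example. Config files and
    upload folders will differ legitimately and need a manual look.
    """
    now = time.time() if now is None else now
    clean, live = manifest(clean_root), manifest(install_root)
    cutoff = now - recent_days * 86400
    # mtimes can be reset by whoever wrote the file, so the hash comparison
    # is the stronger signal; the date-ordered list is only a starting point.
    recent = sorted((p for p in live if live[p][1] >= cutoff),
                    key=lambda p: live[p][1], reverse=True)
    return {
        "unexpected": sorted(p for p in live if p not in clean),
        "modified": sorted(p for p in live
                           if p in clean and live[p][0] != clean[p][0]),
        "recent": recent,
    }


if __name__ == "__main__":
    report = audit(sys.argv[1], sys.argv[2])
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind}\t{p}")
```

Run it against a copy of the site pulled down over FTP, and treat every "unexpected" or "modified" entry as something to open and read before deleting.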
Joined: Dec 2006
Posts: 7
N
stranger
Deleted already - as soon as my tech guy appears it will be an install of 7.0.2.

Is this good in terms of security? I seem to attract attacks to our boards :-(

Joined: Dec 2003
Posts: 1,796
Pooh-Bah
There are no known security exploits in threads 7.0.2.


- Allen
- ThreadsDev | PraiseCafe
Joined: Dec 2006
Posts: 7
N
stranger
great - sounds good!!

