Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online Now
2 registered members (Gizmo, mmkk), 69 guests, and 241 spiders.
Key: Admin, Global Mod, Mod
Member Spotlight
whk
whk
Portsmouth, RI
Posts: 86
Joined: January 2009
Show All Member Profiles 
Top Posters(30 Days)
Gizmo 14
FREAK 11
M4TT 9
mmkk 5
Ruben 4
isaac 4
Latest Photos
Chinese Buddhist temple.
My buddha beads.
Rendered Walls
Multi-Screen wallpaper
Stockholm Metro
Previous Thread
Next Thread
Print Thread
Classic board hacked? #217769
10/10/08 02:27 PM
10/10/08 02:27 PM
Joined: Oct 2008
Posts: 7
Z
zoomeister Offline OP
stranger
zoomeister  Offline OP
stranger
Z
Joined: Oct 2008
Posts: 7
I now have set up a UBB.threads board 7.3.1 and imported my UBB.Classics threads/posts/members to it and the Threads board is running smoothly. However, the Classic board (6.7.1), that I will be turning into an archive board shortly, has been hacked by one or two people as soon as I shut down registrations. I have the Classic board set so that only registered users can post, but this person, or persons is not only able to post, he/she can start a new topic. It has happened in two different forums so far.

So I have a question. Will this person(s) be able to do the same thing to my new Threads board? I know the PHP format is vastly different from the old perl scripts, but I'm not sure what this person is exploiting to get in. I'm not worried about the old board because when I archive it I'll just change the file permissions so that nothing will be writable anymore when I archive it, but what about my new Threads board? Will they be able to do the same thing there?

Express Hosting
Express Hosting "We are the official hosting company of UBB.threads. Ask us about our free migration services to migrate your UBB.threads installation."
Re: Classic board hacked? [Re: zoomeister] #217782
10/10/08 04:59 PM
10/10/08 04:59 PM
Joined: Jun 2006
Posts: 16,784
Portland, OR; USA
Gizmo Online tapedshut
UBB.threads Developer
Gizmo  Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,784
Portland, OR; USA
Well, the two products are completely different; so whatever they're using to post won't be there...

Just make sure after you move that the user isn't an admin and you should be good to go...


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Forums: A Gardeners Forum Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: Classic board hacked? [Re: Gizmo] #217786
10/10/08 06:30 PM
10/10/08 06:30 PM
Joined: Oct 2008
Posts: 7
Z
zoomeister Offline OP
stranger
zoomeister  Offline OP
stranger
Z
Joined: Oct 2008
Posts: 7
Thanks, Gizmo. No, it's not an admin, it's not even a user, at least according to the IP numbers. I tried to run a DNS on them, but they wouldn't resolve. I put them in a browser and it led to a Chinese site. A lot of the spam-bot registrations that plague the Classic board are from a .cn site, so no surprise, I guess. I'd just like to know how they can post on a board that is set to users only.

Re: Classic board hacked? [Re: zoomeister] #217798
10/10/08 09:14 PM
10/10/08 09:14 PM
Joined: Feb 2007
Posts: 1,318
Pennsylvania
JAISP Offline
veteran
JAISP  Offline
veteran
Joined: Feb 2007
Posts: 1,318
Pennsylvania
Go to www.arin.net to check the IP address. If it is over sea's it will tell you where to go to find out where they are.

Re: Classic board hacked? [Re: JAISP] #218928
11/08/08 12:44 AM
11/08/08 12:44 AM
Joined: Oct 2008
Posts: 7
Z
zoomeister Offline OP
stranger
zoomeister  Offline OP
stranger
Z
Joined: Oct 2008
Posts: 7
Here's kind of an update. Ever since I shut down registration on the old board, someone hacks in about twice a week and it's like they do it just to prove they can. I was actually in the midst of turning the forums one by one into archive-read only forums and the creep struck again.

What I've discovered is it seems the person or persons hacking and spamming the board have to use "<>" to bracket the name they choose to post with. Like say "<hacker guy>" and they get in. I don't have a clue how they're doing it, but I thought I'd let you know.

Re: Classic board hacked? [Re: zoomeister] #220155
12/11/08 12:57 PM
12/11/08 12:57 PM
Joined: Jul 2006
Posts: 2,199
David Dreezer Offline

Pooh-Bah
David Dreezer  Offline

Pooh-Bah
Joined: Jul 2006
Posts: 2,199
<> around a name is automatically added by the UBB and indicates the person is not registered and is posting as a guest. Do you have guest posting enabled?


This thread for sale. Click here! [Linked Image]

Shout Box
Today's Birthdays
No Birthdays
Recent Topics
Shout Box Sound Effect
by M4TT. 11/29/17 08:28 PM
Ad island
by TGCsanderson. 11/25/17 06:41 PM
Taking to long to connect to DB
by AstroCat. 11/24/17 12:34 PM
I want to update forum but can't find license
by dimaninc. 11/23/17 10:51 AM
Forum Statistics
Forums36
Topics35,014
Posts190,530
Members12,045
Most Online978
Jun 24th, 2007
Random Image
Powered by UBB.threads™ PHP Forum Software 7.6.1
(Snapshot build 20171106)