PDA

View Full Version : What happened to the board?


OnyxZ28
12-20-2004, 07:34 PM
Looks like someone hacked in.

Craig Sheppard
12-20-2004, 07:37 PM
Yeah, and it looks like they had to restore the board from backups... seems to be a day worth of posts missing.

Craig

raftermania
12-20-2004, 07:47 PM
Yup, I got a message about a webworm when I signed in.

Craig Sheppard
12-20-2004, 07:56 PM
Yeah, I first saw the message around 6pm EST. I hope TW addresses it on the site somewhere. And I hope they find the ******* SOB who did it.

Craig

Redflea
12-20-2004, 08:00 PM
That explains it....thought I was losing my mind. I knew I had put in a couple of posts recently and when I didn't see them in a thread I was trying to figure out if I had been dreaming or worse. :-)

Frodo Baggins
12-20-2004, 08:30 PM
at lease I wasn't the only one... What did Happin an why? If it happins again I hope Tw alerts us Before it happins.

OnyxZ28
12-20-2004, 09:20 PM
It's really hard to foresee this kind of hacking happening, Frodo, it's not like TW's going to have a "Hacker Alert Level" like the gov't does. :D I've a sneaking suspicion it's that spammer from www.tennis-world.org.

K!ck5w3rvE
12-21-2004, 12:22 AM
lol if in doubt, blame the spammer from Tennis World. BTW, does anyone else hate the fact that you can't copy and paste stuff from that site, or get pics etc.....?

StringBreaker
12-21-2004, 01:39 AM
Can't stress how important it is for TW to update the forums to 2.0.11. There are a huge variety of exploits that can be used to hack phpBB unless you upgrade to .11. If any admins are reading this please do it!! You also need to get your hosts to update php to 4.3.10. (you are currently on 4.3.2)

They can keep hacking the forums with ease until you upgrade to the latest versions of both.

b.
12-21-2004, 02:57 AM
It happened in the middle of my reading. I opened few threads to read offline, refreshed the board to find some more and there it was - imbecile's signature...

VashTheStampede
12-21-2004, 05:24 AM
Yes, this was pretty freaky. I hope this idiot gets caught. Does anyone remember what that signature was?

b.
12-21-2004, 11:27 AM
I was just postin when it happened again! Pathetic creatures with tiny little penises hacked board again!

I'm really ****ed. When someone can not make anything, he is destroying someone's elses work.

Craig Sheppard
12-21-2004, 11:40 AM
Yeah I saw that too--it was back up in 5-10 min though. Hopefully TW's staff is working to patch the board software.

TW Staff
12-21-2004, 05:10 PM
Nobody is Hacking our board. It's a worm that affects the Highlighting function of certain PHPBB versions. We are working to fix this, hopefully this gets fixed permanently tomorrow. I will keep you all updated as I learn more about this. One thing I do know is this worm cannot affect our members/Users computers, it only affects certain files on our server.

Here is more info about this worm: http://news.zdnet.com/2100-1009_22-5500265.html

Thanks,
Jon
Tennis Warehouse

StringBreaker
12-21-2004, 05:35 PM
Well an update to 2.0.11 on phpbb and 4.3.10 on php will close all known vulnerabilities to both this worm and worms like it and all currently known hacking exploits (a huge number of which have been found between 2.0.6 and 2.0.11).

PS the board was indeed hacked, but by a mass worm instead of a single hacker. The vulnerability was a recent highly publicsed exploit that was closed in version 2.0.11, the santy worm exploited the hole to hack phpbb forums that werent updated, but used automation via google to search for "Powered by phpBB 2.0.10/2.0.9 etc etc" to find its targets.

LafayetteHitter
12-21-2004, 06:45 PM
The only thing I can say about someone who spends valuable time making a worm such as this is, "WHAT A WORM"!

We should have the death penalty for such creatures so we can rid ourselves of such stupidty!

Usually i'm mellow on here but this was just stupid, TW provides such a great place like this forum and these idiots have nothing better to do.

Scott

TW Staff
12-21-2004, 08:21 PM
...PS the board was indeed hacked, but by a mass worm instead of a single hacker...

True, I want everyone to know that our board has not been singled out and hacked. This worm has affected over 40,000 boards, we were simply one of the unlucky 40,000 out of over 5 million sites that are still running 2.0.10 or below. This should be resolved on our end by thursday.


The only thing I can say about someone who spends valuable time making a worm such as this is, "WHAT A WORM"!

We should have the death penalty for such creatures so we can rid ourselves of such stupidty!

The person who spends valuable time to make such a worm probably argues he is doing a favor to the phpbb community by forcing them to produce a better product. Fortunately this was a rather harmless worm. If the author was more malicious, I am sure he could have baked up something far worse than this.


Thanks,
Jon
Tennis Warehouse

LafayetteHitter
12-21-2004, 08:24 PM
Glad you guys have a solution. Yes I read the story on ZD this morning about the worm affecting 40,000 boards. I was just aggrivated since this is my favorite place on the web, so it was annoying to have it hit close to home. Thanks for such a great board though, wouldn't be the same without it.

Scott

ty slothrop
12-22-2004, 08:56 AM
Thanks for such a great board though, wouldn't be the same without it.


you can stop now, Scott, they gave you the agassi racket already:wink:

Frodo, it's not like TW's going to have a "Hacker Alert Level" like the gov't does.

well, Tom "Mister Orange Alert" Ridge IS out of a job now...