What happened to the board?

Discussion in 'TW Questions/Comments' started by OnyxZ28, Dec 20, 2004.

  1. OnyxZ28

    OnyxZ28 Hall of Fame

    Joined:
    Sep 14, 2004
    Messages:
    2,143
    Looks like someone hacked in.
     
    #1
  2. Craig Sheppard

    Craig Sheppard Hall of Fame

    Joined:
    Feb 19, 2004
    Messages:
    2,361
    Location:
    Raleigh, NC
    Yeah, and it looks like they had to restore the board from backups... seems to be a day worth of posts missing.

    Craig
     
    #2
  3. raftermania

    raftermania Banned

    Joined:
    Oct 27, 2004
    Messages:
    2,626
    Location:
    Ontario
    Yup, I got a message about a webworm when I signed in.
     
    #3
  4. Craig Sheppard

    Craig Sheppard Hall of Fame

    Joined:
    Feb 19, 2004
    Messages:
    2,361
    Location:
    Raleigh, NC
    Yeah, I first saw the message around 6pm EST. I hope TW addresses it on the site somewhere. And I hope they find the ******* SOB who did it.

    Craig
     
    #4
  5. Redflea

    Redflea Hall of Fame

    Joined:
    Aug 30, 2004
    Messages:
    3,852
    That explains it....thought I was losing my mind. I knew I had put in a couple of posts recently and when I didn't see them in a thread I was trying to figure out if I had been dreaming or worse. :)
     
    #5
  6. Frodo Baggins

    Frodo Baggins Semi-Pro

    Joined:
    Feb 20, 2004
    Messages:
    777
    Location:
    Alberta Canada
    at lease I wasn't the only one... What did Happin an why? If it happins again I hope Tw alerts us Before it happins.
     
    #6
  7. OnyxZ28

    OnyxZ28 Hall of Fame

    Joined:
    Sep 14, 2004
    Messages:
    2,143
    It's really hard to foresee this kind of hacking happening, Frodo, it's not like TW's going to have a "Hacker Alert Level" like the gov't does. :D I've a sneaking suspicion it's that spammer from www.tennis-world.org.
     
    #7
  8. K!ck5w3rvE

    K!ck5w3rvE Hall of Fame

    Joined:
    Feb 19, 2004
    Messages:
    1,621
    lol if in doubt, blame the spammer from Tennis World. BTW, does anyone else hate the fact that you can't copy and paste stuff from that site, or get pics etc.....?
     
    #8
  9. StringBreaker

    StringBreaker Rookie

    Joined:
    Aug 2, 2004
    Messages:
    137
    Can't stress how important it is for TW to update the forums to 2.0.11. There are a huge variety of exploits that can be used to hack phpBB unless you upgrade to .11. If any admins are reading this please do it!! You also need to get your hosts to update php to 4.3.10. (you are currently on 4.3.2)

    They can keep hacking the forums with ease until you upgrade to the latest versions of both.
     
    #9
  10. b.

    b. Rookie

    Joined:
    Apr 16, 2004
    Messages:
    347
    It happened in the middle of my reading. I opened few threads to read offline, refreshed the board to find some more and there it was - imbecile's signature...
     
    #10
  11. VashTheStampede

    VashTheStampede Semi-Pro

    Joined:
    Jun 28, 2004
    Messages:
    590
    Yes, this was pretty freaky. I hope this idiot gets caught. Does anyone remember what that signature was?
     
    #11
  12. b.

    b. Rookie

    Joined:
    Apr 16, 2004
    Messages:
    347
    I was just postin when it happened again! Pathetic creatures with tiny little penises hacked board again!

    I'm really pissed. When someone can not make anything, he is destroying someone's elses work.
     
    #12
  13. Craig Sheppard

    Craig Sheppard Hall of Fame

    Joined:
    Feb 19, 2004
    Messages:
    2,361
    Location:
    Raleigh, NC
    Yeah I saw that too--it was back up in 5-10 min though. Hopefully TW's staff is working to patch the board software.
     
    #13
  14. TW Staff

    TW Staff Administrator

    Joined:
    Jan 21, 2004
    Messages:
    24,320
    Location:
    Tennis-Warehouse.com
    Nobody is Hacking our board. It's a worm that affects the Highlighting function of certain PHPBB versions. We are working to fix this, hopefully this gets fixed permanently tomorrow. I will keep you all updated as I learn more about this. One thing I do know is this worm cannot affect our members/Users computers, it only affects certain files on our server.

    Here is more info about this worm: http://news.zdnet.com/2100-1009_22-5500265.html

    Thanks,
    Jon
    Tennis Warehouse
     
    #14
  15. StringBreaker

    StringBreaker Rookie

    Joined:
    Aug 2, 2004
    Messages:
    137
    Well an update to 2.0.11 on phpbb and 4.3.10 on php will close all known vulnerabilities to both this worm and worms like it and all currently known hacking exploits (a huge number of which have been found between 2.0.6 and 2.0.11).

    PS the board was indeed hacked, but by a mass worm instead of a single hacker. The vulnerability was a recent highly publicsed exploit that was closed in version 2.0.11, the santy worm exploited the hole to hack phpbb forums that werent updated, but used automation via google to search for "Powered by phpBB 2.0.10/2.0.9 etc etc" to find its targets.
     
    #15
  16. LafayetteHitter

    LafayetteHitter Hall of Fame

    Joined:
    Sep 14, 2004
    Messages:
    2,954
    Location:
    Lafayette, Louisiana
    The only thing I can say about someone who spends valuable time making a worm such as this is, "WHAT A WORM"!

    We should have the death penalty for such creatures so we can rid ourselves of such stupidty!

    Usually i'm mellow on here but this was just stupid, TW provides such a great place like this forum and these idiots have nothing better to do.

    Scott
     
    #16
  17. TW Staff

    TW Staff Administrator

    Joined:
    Jan 21, 2004
    Messages:
    24,320
    Location:
    Tennis-Warehouse.com
    True, I want everyone to know that our board has not been singled out and hacked. This worm has affected over 40,000 boards, we were simply one of the unlucky 40,000 out of over 5 million sites that are still running 2.0.10 or below. This should be resolved on our end by thursday.


    The person who spends valuable time to make such a worm probably argues he is doing a favor to the phpbb community by forcing them to produce a better product. Fortunately this was a rather harmless worm. If the author was more malicious, I am sure he could have baked up something far worse than this.


    Thanks,
    Jon
    Tennis Warehouse
     
    #17
  18. LafayetteHitter

    LafayetteHitter Hall of Fame

    Joined:
    Sep 14, 2004
    Messages:
    2,954
    Location:
    Lafayette, Louisiana
    Glad you guys have a solution. Yes I read the story on ZD this morning about the worm affecting 40,000 boards. I was just aggrivated since this is my favorite place on the web, so it was annoying to have it hit close to home. Thanks for such a great board though, wouldn't be the same without it.

    Scott
     
    #18
  19. ty slothrop

    ty slothrop Semi-Pro

    Joined:
    Nov 5, 2004
    Messages:
    552
    you can stop now, Scott, they gave you the agassi racket already:wink:

    well, Tom "Mister Orange Alert" Ridge IS out of a job now...
     
    #19

Share This Page