|
|
|
|
Joined: Dec 2000
Posts: 371
Member
|
|
Member
Joined: Dec 2000
Posts: 371 |
After a horrific night when a person stole a moderator's password and deleted all the postings in a forum, i really want to know how this was achieved. You can PM or mail me if you don't want to discuss this issue on a public forum.
Ofcourse it's obvious that there was either a brute force guess with success, or the person used a script to "catch" a password out of a cookie. Altough we've banned the ip from forum and even the whole server, i'm afraid this will happen again. We use the html function and ok, shoot me for that but isn't there a way to do this safe? Will there ever be html in the ubb without danger?
|
|
|
|
|
Joined: Dec 2000
Posts: 371
Member
|
|
Member
Joined: Dec 2000
Posts: 371 |
I want to praise the makers of the modlog hack and the extended ip tracing for ubb 6.3 because without this functions much more damage was done.
|
|
|
|
|
Joined: Feb 2001
Posts: 817
Moderator / Kingpin
|
|
Moderator / Kingpin
Joined: Feb 2001
Posts: 817 |
There are many ways to accomplish such an attack but he probably did something with a script as you suggested. I'd be willing to bet he also got more than just one moderator's password, especially if other moderators or admins read the topic he had it in. If you want to prevent this from happening again you need to upgrade to the newest version (if you're not already using it) and disable HTML on your community. Unfortunately there are just too many ways for people to get around the HTML filters and it can never be 100% fail safe. By having it enabled you're at higher risk. There are a couple thing you should do immediately since you were compromised to prevent more attacks by the same person. - Check all recent posts for scripts and remove them.
- Change all your moderator's and admin password's.
- Change your FTP password(s)
- All your passwords should be unique...don't have the same password for an admin AND your ftp for example.
- Use letter and number combinations for all your passwords and don't use words that can be found in any dictionary.
- Manually check all the pages, scripts, and graphics on your server to ensure everything is what it's supposed to be and not another script that can be used to gain access back in.
- Search your members directory to ensure no new Admins were added.
Good luck!
|
|
|
|
|
Joined: May 2001
Posts: 6,708
Member
|
|
Member
Joined: May 2001
Posts: 6,708 |
He probably got into your FTP and stole a password from there I'd say.
|
|
|
|
|
Joined: Jun 2001
Posts: 2,849
Spotlight Winner
|
|
Spotlight Winner
Joined: Jun 2001
Posts: 2,849 |
6.3 is a lot better than previous versions but turn HTML off first thing. I had a member that showed me a lot of holes in UBB and I was amazed at how easily it could be done.
|
|
|
|
|
Joined: Dec 2000
Posts: 371
Member
|
|
Member
Joined: Dec 2000
Posts: 371 |
Thanks for the tips, i go after it right away. All passwords are changed, html is disabled.
I've tried to install several times the html mod for admins and moderators but without success.
Maybe it would be good if this option will be available in the next ubb versions.
|
|
|
|
|
Joined: Feb 2001
Posts: 817
Moderator / Kingpin
|
|
Moderator / Kingpin
Joined: Feb 2001
Posts: 817 |
quote:
Originally posted by Variables:
I've tried to install several times the html mod for admins and moderators but without success.
Maybe it would be good if this option will be available in the next ubb versions.
I agree, it would be a nice option.
You should post it over at the Infopop Support Community in the Feature Suggestions forum. They do read the suggestions there and the more often something is suggested the more likely it will be included in future versions. 
|
|
|
|
|
Joined: Jun 2002
Posts: 16
Junior Member
|
|
Junior Member
Joined: Jun 2002
Posts: 16 |
should i be worried, if so what changes or add ons do i need to make ?
|
|
|
|
|
Joined: Jun 2001
Posts: 2,849
Spotlight Winner
|
|
Spotlight Winner
Joined: Jun 2001
Posts: 2,849 |
quote:
Originally posted by SLAM SLAM:
should i be worried, if so what changes or add ons do i need to make ?
If you are running an out of date version then you should upgrade to 6.3 and turn off HTML. Beyond that just normal safe practices about passwords.
|
|
|
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
|
|
|
Posts: 1,157
Joined: July 2001
|
|
|
Forums63
Topics37,573
Posts293,925
Members13,849
| |
Most Online5,166
Sep 15th, 2019
|
|
Currently Online
Topics Created
Posts Made
Users Online
Birthdays
|
|
|
|
|
|
