UBB.Dev
I gotta tell y'all... I'm totally baffled, along with my other moderators, on this one...

I'm running v6.5 and the other day a member, "sabastian", had registered an account through an email address of "[email protected]" with the following IP information:

Registration / First IP: 03/11/05 01:30 PM - 69.251.71.162
Last Post / IP: 03/11/05 01:53 PM - 69.251.71.162

Turns out that this person managed to get into the Moderator's Lounge and post up some very obscene language to all of us.

Can you all help me understand how someone could have gotten himself registered and within 7 mins of him becoming a registered user of the site get access to our Moderator's Lounge and post?

I'm the only Admin on the site and I had not been on the site for a few days prior to this happening. Another Mod had called me via the phone and told me someone got unauthorized access to the Mod Lounge and I may want to squash it.

Any help on figuring this one out is greatly appreciated.

Mark
www.f-bodyhideout.com
From memory - I seem to recall this happening to someone else - I have done a search and can't find it straight away. Found one about a mod still getting subscriptions, but am sure that someone actually posted in a hidden forum.

If I find it, I will advise.
It sounds like a SQL injection exploit.
Remember 6.5.1.1.....
Yeah, I was trying to figure out how you inject yourself into the administration area... you would have to add yourself to the moderator or administrator group. Unless the post was added with a SQL injection?
Possibly a mod just moved the post to the admin forum? We move questionable posts here to the staff forum.
Eeeck! I'm so sorry for getting some of you worried as to the security of Threads.

It did turn out that one of our Mods moved this user's post to the Mod Lounge. The Mod had moved the post and did not tell any of us and was off the board for some time.

I'm so sorry to have alerted you all before I got the full scoop on this one....