• Registered: 2011-07-11
  • Posts: 1

Topic: My Forum Hacked

Hi,

While I love the idea of the lightweight BB I have some concerns over it's security. My bb has twice been hacked in the last month. The first time I didn't know about the extensions and updating with the latest patches. So I deleted the whole cpanel acc and stared again.

As far as I know my cpanel account is secure.
I have very long and complex passwords, I have the latest version with all patches applied.

I'm willing to try one more time. I'm not a Unix/Apache expert by any means so what do I need to do to secure Pun BB? I notice that all the db details are spelled out in the Config.php file - not too secure, but it looks like the index.php file was updated......


<html Dr. Cruzz IndonesianCoder Team (c) 2011 >
<html>
<title>..// Hacked by Dr. Cruzz >>> </title><link rel="SHORTCUT ICON" href="">
<meta name="description" content="Hacked by Dr. Cruzz">
<meta name="keywords" content="Hacked by Dr. Cruzz , Dr. Cruzz , Dr.Cruzz, Hacked by Dr_Cruzz, XcruzzmiX, IndonesianCoder , Indonesian Coder, Dr. Cruzz IndonesianCoder , IndonesianCoder Team , hacked by indonesia, Hacked, Hacked by IndonesianCoder Team">
<body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'>
<body bgcolor=#333333>
<br><br><br><br><center>
<font size="5" face="AgencyFB" color="red"> <b>Hacked by Dr. Cruzz</b></font><br><br>
<img src=""width="400" height="3"><br>
<font size="3" face="Pristina" color="red">Marhaban Ya Ramadhan that will come soon</font><br>
<font size="3" face="Pristina" color="red">Get the Codes and Feel the Soul</font><br>
<font size="2" face="AgencyFB" color="red">Hmei7 - k4l0ng666  - Kamtiez - Jundab - boebefa - s13doeL </font><br>
<font size="2" face="AgencyFB" color="red"><b>[ We Are Single Attacker ]</b></font><br>
<font size="2" face="AgencyFB" color="red"><b>| DEFACERZ OF INDONESIAN H4X0R |</b></font><br>
<font size="2" face="Pristina" color="red">Contact me : cruzz@defacerz.com | cruzz@indonesiancoder.com </font><br><br>

<font size="4" face="Pristina" color="red">./e0f </font><br>
</center>
<embed src=" quality="High"></embed>
</body>
</html>

  • From: New York (The Best State)
  • Registered: 2010-10-27
  • Posts: 152

Re: My Forum Hacked

Are you sure it was punbb that let the hacker in? If you're on shared hosting, it could have been anyone on the same server as you.

hklown's Website

3 Reply by Grez

  • Grez
  • PunBB senior member
  • Offline
  • From: Czech Republic
  • Registered: 2008-12-03
  • Posts: 248

Re: My Forum Hacked

IMO it seems, that this isn't targeted attack against your site (or PunBB), but because of the amount of attacks it might be a virus of some kind (for example one that infects your computer, takes your stored FTP passwords and then changes all the index files on your site), or hacking the server itself.

Eraversum - scifi browser-based online webgame

Grez's Website