Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Old 9th March 2005, 12:19   #1  |  Link
BruceL
Registered User
 
Join Date: May 2002
Location: The nearest ski slope
Posts: 125
neuron2's video forum hacked

neuron2's video forum appears to have been crudely hacked.
Old 9th March 2005, 13:17   #2  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
Yeah, seems to. Is phpBB secure?

http://neuron2.net/board/
__________________
Detritus Software
Old 9th March 2005, 13:27   #3  |  Link
dragongodz
....
 
Join Date: May 2002
Location: Australia
Posts: 2,797
ye, real mature.
__________________
Narrator: And of course, with the birth of the artist came the inevitable afterbirth - the critic. (History of the World part 1)
Old 9th March 2005, 14:27   #4  |  Link
Axed
Registered User
 
Join Date: Dec 2004
Posts: 165
It's good to see the way some people treat such a great and productive member of the Video Encoding community. This is a big shame; there was some really useful information on the forums.

Last edited by Axed; 9th March 2005 at 14:30.
Old 9th March 2005, 14:43   #5  |  Link
Doom9
clueless n00b
 
Join Date: Oct 2001
Location: somewhere over the rainbow
Posts: 10,579
phpBB, unfortunately, isn't the safest bulletin board around and you regularly have to upgrade it. A lot of phpBB boards have been hacked in the past few months, and to make things worse, there were worms that automatically attacked known weaknesses of phpBB boards. Those worms also tried to get in here, but not being a phpBB they didn't have any luck.

Also, it's important that you always keep up with the PHP version (also not quite the most secure language there is).
__________________
For the web's most comprehensive collection of DVD backup guides go to www.doom9.org
Old 9th March 2005, 15:44   #6  |  Link
mpucoder
Moderator
 
Join Date: Oct 2001
Posts: 3,530
From the looks of it his admin account was broken into. All the defacement is in areas that can be changed from the admin panel, i.e., no PHP was altered, nor was MySQL broken into. Someone just guessed his password.

Donald, what I did to add some security was put basic authentication on the directory containing the admin scripts. This means you have two usernames and passwords to enter before you can access the admin panel. Make them different.
Old 9th March 2005, 16:37   #7  |  Link
Guest
Guest
 
Join Date: Jan 2002
Posts: 21,901
I've just woken up and find this.

I'm in LA at DirecTV and I don't have time to mess with this. I asked my host to explain, since they had told me the PHPBB was upgraded.

I suppose this means the death of the forum.
Old 9th March 2005, 16:44   #8  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
Do you have backups?
__________________
Detritus Software
Old 9th March 2005, 17:01   #9  |  Link
Guest
Guest
 
Join Date: Jan 2002
Posts: 21,901
Yes, but I won't bring it back up unless I can be assured that I won't have to spend my life patching PHPBB vulnerabilities and worrying about whether I will wake up to find all my efforts wiped out by some low-life.
Old 9th March 2005, 17:06   #10  |  Link
mpucoder
Moderator
 
Join Date: Oct 2001
Posts: 3,530
As I said, simple password hack. They managed to figure out your password and access the board as you, with admin privileges.
Old 9th March 2005, 17:52   #11  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
Yeah. The best is a combination of letters and numbers

a-z, A-Z and 0-9.

Adding other characters is hazardous if you have keyboard problems
__________________
Detritus Software
Old 9th March 2005, 18:43   #12  |  Link
Guest
Guest
 
Join Date: Jan 2002
Posts: 21,901
Quote:
Originally posted by mpucoder
As I said, simple password hack. They managed to figure out your password and access the board as you, with admin privileges.
That's speculation on your part.

The board is back up now.
Old 9th March 2005, 18:53   #13  |  Link
mpucoder
Moderator
 
Join Date: Oct 2001
Posts: 3,530
Quote:
Originally posted by neuron2
That's speculation on your part
Yes, based on the fact that no PHP was changed, only the content that can be changed from the admin panel. The only other way to change the contents is to break into the database, and I doubt that your host has exposed the MySQL interface, although I could check if you like.
I also run a phpBB, so it's easy to spot what was changed. I also added a log file to mine to record, among other things, bad password attempts. If you have such a log you can look for the break-in.
And ask your host if basic authentication can be added to the admin directory; it adds another level of security.

Last edited by mpucoder; 9th March 2005 at 18:57.
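The log check suggested in the post above, as an added example that is not part of the original thread and is not mpucoder's or phpBB's code: it scans a login log for a successful login that follows a burst of bad password attempts for the same account from the same address. The log format, the sample lines, the account names and the `find_guessed_logins` helper are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log. Assumed format: date time result user source-address.
SAMPLE_LOG = """\
2005-01-01 01:55:12 OK admin 198.51.100.20
2005-01-01 02:10:01 FAIL admin 203.0.113.7
2005-01-01 02:10:09 FAIL admin 203.0.113.7
2005-01-01 02:10:17 FAIL admin 203.0.113.7
2005-01-01 02:10:25 FAIL admin 203.0.113.7
2005-01-01 02:10:33 FAIL admin 203.0.113.7
2005-01-01 02:10:41 FAIL admin 203.0.113.7
2005-01-01 02:10:58 OK admin 203.0.113.7
2005-01-01 09:00:03 FAIL alice 192.0.2.44
2005-01-01 09:00:15 OK alice 192.0.2.44
"""

def parse(line):
    """Split one log line into (timestamp, result, user, ip)."""
    date, time, result, user, ip = line.split()
    return datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S"), result, user, ip

def find_guessed_logins(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return (time, user, ip, failures) for every successful login preceded by
    at least `threshold` failures for the same user and address within `window`."""
    recent = defaultdict(deque)  # (user, ip) -> timestamps of recent failures
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, ip = parse(line)
        fails = recent[(user, ip)]
        while fails and ts - fails[0] > window:  # drop failures outside the window
            fails.popleft()
        if result == "FAIL":
            fails.append(ts)
        elif result == "OK":
            if len(fails) >= threshold:
                hits.append((ts, user, ip, len(fails)))
            fails.clear()  # a success resets the failure streak
    return hits

if __name__ == "__main__":
    for ts, user, ip, n in find_guessed_logins(SAMPLE_LOG):
        print(f"{ts} login as {user} from {ip} after {n} failed attempts")
```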
Old 9th March 2005, 19:48   #14  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
Can I have your tweaks?
__________________
Detritus Software
Old 9th March 2005, 20:46   #15  |  Link
bond
Registered User
 
Join Date: Nov 2001
Posts: 9,770
seems the bsplayer forum (phpbb) has also been hacked:
http://forum.bsplayer.org/viewtopic.php?t=6426

according to betaboy (corecodec) that's fake
__________________
Between the weak and the strong one it is the freedom which oppresses and the law that liberates (Jean Jacques Rousseau)
I know, that I know nothing (Socrates)

MPEG-4 ASP FAQ | AVC/H.264 FAQ | AAC FAQ | MP4 FAQ | MP4Menu stores DVD Menus in MP4 (guide)
Ogg Theora | Ogg Vorbis
use WM9 today and get Micro$oft controlling the A/V market tomorrow for free
Old 9th March 2005, 21:17   #16  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
What's going on?

[edit]

I upgraded mine to 2.0.13. I have the latest php too. I think I will set some .htaccess on /admin ...
__________________
Detritus Software

Last edited by Sirber; 9th March 2005 at 21:41.
Old 9th March 2005, 23:58   #17  |  Link
rjamorim
Blah!
 
Join Date: Jul 2002
Location: Brazil
Posts: 337
phpBB is a terrible, buggy and unsafe forum platform. I know of at least 6 forums that have been hacked (counting neuron2's and BSplayer's). I'm advising all people I know that are using phpBB to move to something else. vBulletin or Invision 2.0x if they are willing to pay, or Invision 1.3.1 if they aren't.

No wonder they are changing their forum name to "Olympus" in an attempt to get rid of the huge bad karma they have...
__________________
Get latest LAME, Vorbis and more binaries at RareWares:
http://www.rarewares.org

Last edited by rjamorim; 10th March 2005 at 00:02.
Old 10th March 2005, 05:49   #18  |  Link
Neo Neko
Registered User
 
Join Date: Mar 2002
Location: Kansas City, Missouri
Posts: 1,812
Quote:
Originally posted by rjamorim
phpBB is a terrible, buggy and unsafe forum platform. I know of at least 6 forums that have been hacked (counting neuron2's and BSplayer's). I'm advising all people I know that are using phpBB to move to something else. vBulletin or Invision 2.0x if they are willing to pay, or Invision 1.3.1 if they aren't.

No wonder they are changing their forum name to "Olympus" in an attempt to get rid of the huge bad karma they have...
I have to disagree with you quite a bit. It is not that buggy. And it's not that unsafe. No more so than any of the alternates you have mentioned. Frankly I think PHPBB is just having a bad go. This recent vulnerability has turned out bad. Unfortunately with all the other BBS software either pay or going pay. This leaves PHPBB free and clear in the rather large field of users who can't afford the alternate solutions. Unfortunately these are also the people that often don't do that well patching their desktop OS let alone PHP based forum software.

The only real gripe I have ever seen as reasonable is the lack of some features etc. But as far as that is concerned it's not that big a deal. I mean after all you get what you pay for. And in this case more. This is just yet another case of people not keeping up with patches or their web hosts not keeping up in Donald's case. But Don appears to be a good admin with backups handy and his host should have their patches up to date now.
__________________
Opensource will not take over the world. But it will sure improve the lives of most of it!
_______________________________________________
Inkscape - Scalable Vector Graphics for everyone.
The GIMP - Free raster graphics and photo editing software.
Planeshift - Free 3D MMORPG. Cause everyone needs some fun.
Old 10th March 2005, 14:05   #19  |  Link
BlackSun
CoreCodec
 
Join Date: Oct 2001
Location: Toulouse
Posts: 726
I confirm that story was totally a fake, and I was the first to be surprised to see that and didn't find it funny that someone in the audio/video world used my name like that.
__________________
BlackSun
The Concentric Circles of Audio and Video
Old 10th March 2005, 14:07   #20  |  Link
Sirber
retired developer
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
Why did he do that?
__________________
Detritus Software
All times are GMT +1.