Sub Menu
Links Menu
Online Users

In total there are 309 users online :: 3 registered, 0 hidden and 306 guests

Most users ever online was 1091 on Wed Aug 16, 2023 5:27 pm

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot] based on users active over the past 60 minutes

admin panel flaw or hack?

This is where youll find security related information.
Discuss Integramod/phpbb security issues here.

Moderator: Integra Moderator

admin panel flaw or hack?

PostAuthor: tattee » Tue May 15, 2007 9:44 pm

I was wondering if anyone knew what causes this.. it happens a lot and I've always chalked it up to a hack.. but a couple of members who's IP's do this are known good standing members.. so it makes me go hmmm? Does anyone have any ideas?

snapshot::
[code]http]

thanx tattee
Last edited by tattee on Fri Jan 11, 2008 11:46 am, edited 1 time in total.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/CM d-(++) s+: a+45 C++(++++) UB+++;++++ P++ L- E--- W+++ N+ o++ K- !w O-
M--(-) V- PS+ PE Y !PGP t-(+++) 5++ X- R tv- b++ DI+ D+++ G+++ e+;++++ h* !r !y
------END GEEK CODE BLOCK------
User avatar
tattee
Members
Members
 
Posts: 47
Likes: 0 post
Liked in: 0 post
Joined: Tue Sep 12, 2006 12:36 am
Cash on hand: 0.00

Re: admin panel flaw or hack?

PostAuthor: Frost » Tue May 15, 2007 9:59 pm

Are they being banned or are you talking about it listing them all the way down the page with repeat entries?
Last edited by Frost on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[size=99px]PhpBB3 Themes[/url] ]PhpBB3 Development Center[/url] [/size]

Frost
Sr Integra Member
Sr Integra Member
 
Posts: 776
Likes: 0 post
Liked in: 0 post
Joined: Wed Sep 13, 2006 1:04 am
Cash on hand: 0.00
Location: Photoshop CS3

PostAuthor: tattee » Tue May 15, 2007 10:11 pm

it shows multiple entries.. always as guest.. and shouldnt be in private messages.. this particular person i banned for this reason.. safety first until i get to the reason behind this.
Last edited by tattee on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/CM d-(++) s+: a+45 C++(++++) UB+++;++++ P++ L- E--- W+++ N+ o++ K- !w O-
M--(-) V- PS+ PE Y !PGP t-(+++) 5++ X- R tv- b++ DI+ D+++ G+++ e+;++++ h* !r !y
------END GEEK CODE BLOCK------
User avatar
tattee
Members
Members
 
Posts: 47
Likes: 0 post
Liked in: 0 post
Joined: Tue Sep 12, 2006 12:36 am
Cash on hand: 0.00

Re: admin panel flaw or hack?

PostAuthor: Frost » Tue May 15, 2007 10:29 pm

Hmm, maybe the user was just looking at everyone's profile? lol

I can't offer any intelligible answer, other than if you think the user is up to something, ban them

In a similar experience, I just banned the first person to sign up to my premod site because the website they had in their website section attempted to force any unsuspecting viewer to download active x controls.

After researching the link I found several websites that had been hacked listed on google, as well as tons of spam sites.

I managed to catch the user just after registration, but still you never know what someone is up to until they do something. You could be banning an innocent user.
Last edited by Frost on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[size=99px]PhpBB3 Themes[/url] ]PhpBB3 Development Center[/url] [/size]

Frost
Sr Integra Member
Sr Integra Member
 
Posts: 776
Likes: 0 post
Liked in: 0 post
Joined: Wed Sep 13, 2006 1:04 am
Cash on hand: 0.00
Location: Photoshop CS3

Re: admin panel flaw or hack?

PostAuthor: tattee » Wed May 16, 2007 10:21 am

"Frost";p="25390" wrote:You could be banning an innocent user.


better safe than sorry.. my motto
Last edited by tattee on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/CM d-(++) s+: a+45 C++(++++) UB+++;++++ P++ L- E--- W+++ N+ o++ K- !w O-
M--(-) V- PS+ PE Y !PGP t-(+++) 5++ X- R tv- b++ DI+ D+++ G+++ e+;++++ h* !r !y
------END GEEK CODE BLOCK------
User avatar
tattee
Members
Members
 
Posts: 47
Likes: 0 post
Liked in: 0 post
Joined: Tue Sep 12, 2006 12:36 am
Cash on hand: 0.00

Re: admin panel flaw or hack?

PostAuthor: Frost » Wed May 16, 2007 4:39 pm

[Off Topic..sort of]

You know.. in all my years of messing with phpbb as a whole, including nuke, postnuke, phpbb, icy phoeniz, plus. integramod, etc..

I've not one single time ever had a problem with a hacker. Maybe I don't draw any attention to myself, or maybe I'm just lucky, but sometimes I purposely left or added the ability for hackers to find my site's software in the header, footer etc..

It's weird that in all that time, and even purposely trying to attract hackers I've never been messed with.

Kind of sad really...

For the purpose of getting a chance to fight back... face to face with them I mean <img>
Last edited by Frost on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
[size=99px]PhpBB3 Themes[/url] ]PhpBB3 Development Center[/url] [/size]

Frost
Sr Integra Member
Sr Integra Member
 
Posts: 776
Likes: 0 post
Liked in: 0 post
Joined: Wed Sep 13, 2006 1:04 am
Cash on hand: 0.00
Location: Photoshop CS3

Re: admin panel flaw or hack?

PostAuthor: tattee » Thu Jan 10, 2008 8:04 am

OK.. I finally figured out this mysterious multiple guest accounts phenomenon...

I just formatted my laptop.. and installed the free pc-cillin internet suite.. [code]http] attached themselves to me and were browsing the complete forum and attaching to other members.

thats what that is.. when there are multiple accounts.. its not the person whos ip comes up, but rather comes from someone using a free suite whereby JPNIC attaches themselves to members..

I know this because a japan ip came up in the crackertracker during an incident.. so i banned the address.. then i followed the blocked logs in the crackertracker log files.. it blocked every move i made.. not me but them. Once the address range was blocked the multiple guest activity stopped.

Also note.. the crackertracker blocked IP logs followed my every move until I uninstalled the pc-cillin.

So, it may be a good idea to make your members aware that reading the small print when installing FREEware might be a good idea cuz they, (the software provider), may actually be breaching your right to protection.
Last edited by tattee on Wed Dec 31, 1969 4:00 pm, edited 1 time in total.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/CM d-(++) s+: a+45 C++(++++) UB+++;++++ P++ L- E--- W+++ N+ o++ K- !w O-
M--(-) V- PS+ PE Y !PGP t-(+++) 5++ X- R tv- b++ DI+ D+++ G+++ e+;++++ h* !r !y
------END GEEK CODE BLOCK------
User avatar
tattee
Members
Members
 
Posts: 47
Likes: 0 post
Liked in: 0 post
Joined: Tue Sep 12, 2006 12:36 am
Cash on hand: 0.00


Return to Forum Security

Who is online

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot]

cron