pr3sident@whit3house.gov - Joined made himself an admin

[ChristianWebmastersUnion]

oh joy a hacker!

dude joined ,made himself an admin and did nothing else

how can i avoid this, my mybb version is 1.4.7

*edit i had the old version!* patched it now. is there away to get email updates when a new mybb is released?

[labrocca]

Same email at my site that hacked me but that's not his real email. He signed up under spamcero.com I believe then using the exploit changed both his email and signup IP address. I was able to pull out mysql logs to see the actual queries.

[s9TeeN]

I need to learn more about this kinda stuff... lol

[ridwan sameer]

(Jun 24, 2009 02:05 AM)labrocca Wrote:  Same email at my site that hacked me but that's not his real email. He signed up under spamcero.com I believe then using the exploit changed both his email and signup IP address. I was able to pull out mysql logs to see the actual queries.

and to think, you encourage this by having a Forums about Hacking

[s9TeeN]

lmfao He has a forum about computer shit. You might wanna study the site before criticizing it bro! Labrocca himself doesn't really support the act of hacking at all. The site is more about the skills and such hackers have and scripting and such! Seriously check it out before you knock it. Not to mention if it wasn't for hack forums he may not have ever known as much about hacking as he does now which makes it easier for him to protect himself!

[labrocca]

(Jun 24, 2009 10:48 AM)ridwan sameer Wrote:  

(Jun 24, 2009 02:05 AM)labrocca Wrote:  Same email at my site that hacked me but that's not his real email. He signed up under spamcero.com I believe then using the exploit changed both his email and signup IP address. I was able to pull out mysql logs to see the actual queries.

and to think, you encourage this by having a Forums about Hacking

You're ignorant if you think that's true. Yes I have a forum about hacking but I don't encourage cracking at all. Maybe you should take the time to read my posts at the site.

And btw...I was one of the first exploited sites from this and because of me this exploit was patched very quickly before most sites could be harmed.

http://blog.mybboard.net/2009/06/15/mybb...ty-update/

Quote:Thank you to Jesse Labrocca for alerting us of this vulnerability.

[s9TeeN]

Yup yup! And for those of us who don't know much about MyBB and security features it's good to have you lookin out! lol

[kaitora]

I got the same guy on my site... and then replaced the index template to display some message about the Iran election... so i sorted a clean install up to 1.4.8 and they managed to use the same exploit to do it again...

[MattR]

Did you delete themes.php from ./cache/themes/?? Shouldn't be there, that's the backdoor they leave.

[wolfgang2025]

(Jul 03, 2009 06:35 AM)kaitora Wrote:  I got the same guy on my site... and then replaced the index template to display some message about the Iran election... so i sorted a clean install up to 1.4.8 and they managed to use the same exploit to do it again...

By clean install did you delete all the files and re upload and start with a fresh database and restored it with a back up ?

Or did you just re upload and overwrite the existing files excluding your config file. Like Matt mentioned did you delete that theme.php file ?

Please let us know because now I am starting to worry and another thing is to I wonder if the hacker has read the config file and knows your database name and password. It would not hurt to change the password and user name for the database.