Slaney21

iTrader: (1)

Hey all

another site i use which involves cars has apparently been "hacked" by new user. God knows why he/she has chosen such a basic site to air their display of L33T SK1LLZ but the said party has taken away all administrative rights to the site moderators and has generally made a mockery of the site.

Im just wandering what are the best steps to approach this are? I have a sneaky suspicion its someone local who seems to hold somewhat of a grudge against a few users and therefore has turned to hiding behind a screen to stir up trouble. I have suggested the persons in charge contact the site host and ask them for an ip trace of the said "hacker" and go from there but im very limited on the subject.

any computer gurus about to give advice?

cheers

cossie604

iTrader: (2)

Sounds like a 'cruze' site to me.....best advise, avoid them completely as they will only drag you down

Slaney21

iTrader: (1)

dont worry about that im not into the whole "cruise" thing i just have 1 or 2 friends on there. I grew out of the neons and m3 mirror phase years ago

Marts

iTrader: (1)

To be fair, boards like invision and phbb are not 'hackable' as you put it. The way in is through guessing the password of a super mod or the administrator. And to be fair, in cetain cases, thats not hard!

The way to do find out a little about who did the damage would be to go thru the moderator logs (or admin logs) and look at the IP address given where said damage has been caused. Due to the likes of Norton and other security set-ups now tho, IP's are changed all the time and pointed all over the world for 'security reasons' so that may not help anyway.

The person who did the damage would also have background knowledge of the Admin Panels. Hence how they knew where to go to change others' passwords etc. Your standard tom, dick or harry wouldnt know where to go so quickly! So maybe they are from a moderation team of a different site... or at worst, an admin. Jealousy is a bad thing!

If any posts/threads were deleted, hopefully the site admins created a recycle bin and hid it away from moderators eyes. Root Admin should be able to rectify all problems by restoring everything. If this isn't the case then unfortunately they are gone forever and they will have to start again.

Asking the servers for hlp will just get you a "Sorry sir, because this issue is based within a software package on our server there is nothing we can do". Thats even if they know what a forum software is!!!

Only true way of sorting it is to get Root Admin signed in, change all the moderation team passwords into mixed numerics (over 26 letters/numbers long) and then start tidying up and sorting out the mess from there. The reason for 26+ characters is that some 'hackers' use a tool that fifures out passwords... unfortunate for them tho as after 26 characters, the tool has to start again and again due to being too many to figure out.

Not much more to say on the matter mate. They just need to learn from this and move on. Changing passwords and choosing staff wisely is the next step.

Hope that helps you/your mate out

Slaney21

iTrader: (1)

marts thank you for the lengthy helpful response fella much appreciated

Marts

iTrader: (1)

No problem

Hockney

Oh yes they are! You would be surprised at how many forums dont run the most recent versions of the board software leaving them wide open for exploits.
Dont you mean the server host? Asking the server and if the host didnt know what forum software is then I wouldnt be with them for very long

There is absolutely no need to have a password so long. You might as well wear a tinfoil hat every time you log in. Having a password not in the english dictionary and in lower, upper, number and symbols is the more secure way. Something along the lines of >Lly#REeGBy*C/? is more than ample.

Slaney21 didnt your friend make back ups of the site at all? Any one running a website of any sorts knows to make backups at least daily in case something like this happens. You can be back up and running within hours instead of having to start from scratch again.