?

Log in

No account? Create an account

Previous Entry | Next Entry

OMG WTF?

I was still setting UP my fable forum... Still in the MIDDLE of filling out crap

suddenly I was HACKED by
KUSANAGI

I immediately banned the IP (203.162.3.147 )

but OMG WHO IS THIS PERSON?

THe new forum isn't even an hour OLD and not even live yet

the fucker changed my admin files and EVERYTHING!

The wrote in the forum name:
HACK BY KUSANAGI

and in the description:
bug in site, I don't want to have to come back

Does anyone kow this person and what more I can do to ban them?

and look at this:

http://network-tools.com/default.asp?host=203.162.3.147

FUCK THEY CAME BACK IMMEDATELY UNDER A DIFFERNT IP!
CRIES HOW DO I STOP THIS?

GOOD GOD HE HIT ME WITH 2 MORE IPS!!
NOW up to this:
134.76.10.66
203.162.3.147
152.163.101.8
152.163.100.136

He put images on my site like this:
http://www.zidean.com/zv4_3/213_5771.jpg

*WEEPS*

I've changed passwords on all my accounts and everything!

(EDIT)

OKAY he's got some program or something doing this.... look at the IP stats and I was catching him within a minute....
It goes:

IP ADDRESS --------pages-------HITS------BANDWDITH-----TIME

203.162.3.147 ------- 12 ------- 174 ------- 415.69 KB------- 14 Aug 2005 - 01:47
134.76.10.66 ------- 1 ------- 30 -------52.95 KB------- 14 Aug 2005 - 01:48
152.163.101.8 ------- 5------- 5------- 12.78 KB -------14 Aug 2005 - 01:58
152.163.100.136 -------1 -------3------- 41.12 KB------- 14 Aug 2005 - 01:59
63.195.56.218 ------- 16------- 152------- 1.74 MB------- 14 Aug 2005 - 02:09
165.247.224.14 ------- 3 -------31 -------218.64 KB -------14 Aug 2005 - 02:14

The little FUCKTARD!

I called my tech support and he's not getting into my control panels just the Open Source PHPBB board admin panel and they have NO CLUE HOW... and I can't find fuck all info on PHPBB site about security bug fixes...

I'm at my wits end... but it's been 20 minutes now as I blocked him like a hawk and banned him the second I saw a guest user on the board....
no new attacks...

But he's in Vietnam and if the Kusanagi is the same one on that stupid image file he added to my site at one point.... he's 16 years old in Vietnam and it's SCHOOL TIME OVER THERE>


Fuck fuck fuckity fuck fuck


EDIT EDIT

I just blocked 69.238.21.158
-

Trace aborted.----(ms)---- (ms) ----(ms) ---- IP Address---- Host name
1 ---- 0---- 0 ----0 ---- 66.98.244.1 ----gphou-66-98-244-1.ev1.net
etc....

People if you are trying to get in WAIT I'm blocking ALL GUEST USERS INSTANTLY
If you go into the forum REGISTER so I don't bloack your IP

xoxo

Comments

fablespinner
Aug. 16th, 2005 01:20 am (UTC)
thanks
mortegami
Aug. 16th, 2005 03:09 am (UTC)
He has suggested that it may be the version of phpBB you're using. If it's the newest version, though, he suggests looking for patches to it. Apparently what Mr. Kusangi is doing is using a Script Kitty script.

He's told me a lot of stuff. Basically, if you can get into the log files on the server (or have one of their tech people do it) to see which page(s) he's accessing the most, you can find out where he's placed the backdoor that he's using to hit your site with. Tor's suggested that, if Micof isn't running Windows servers, it may be phpBB's interface. If Micof IS running Windows servers...(I just realized there was a link in one of your responses to a comment and clicked to read the thread. Obviously, Micof isn't running Windows if they're running Linux! ^_^;; )

Armed with discovered information and such, I offered this new stuff to him. He offers the suggestion of downgrading your phpBB to see if it will stop this kid. If it doesn't, then it may be a file on the server that is allowing him access. In which case, it would be (I think) Micof's job to assist you in finding said file. In the case it does stop him, you would probably be alright with a slightly older version of phpBB. These are only just suggestions. If you have any sort of question, lemme know. I'll fling them at Tor and give you his answers.
fablespinner
Aug. 16th, 2005 05:32 am (UTC)
Well he never actually got into my SERVER just my admin control onael on the board and i'm playing go between now for the mmicfo tech and the phpBB tech guy while they dick slap back and forth not SOLVING anything really.
mortegami
Aug. 16th, 2005 06:02 am (UTC)
;;nodnod;; Which is the large part of why Tor's thinkin' it's a file that's allowing the kid to get in. He's running a script which is taking advantage of an exploit, possibly in one of the PHPBB files. While the phpBB guys may say that there's not currently a way to hack the newest version, that doesn't mean it can't be done.

So you may ('less you already have) suggest that to the phpBB tech-dude. Tell him that a Network and Systems Administrator who uses phpBB, as well, said it was possible. ;;grins;; He may pay attention to it, then, as it's coming from a Computer Techie.
fablespinner
Aug. 16th, 2005 06:14 am (UTC)
Trust me... those bases were already pounded into the dirt, the dead horse beaten, drawn and quartered and FLOGGED...

I lean more toward my micfo tech support here and agree with the, It's a bug in the open source code that's allowing this kid to enter the board as a guest user and gain access to the admin panel.

He wasn't in my server
he wasn't changing my files
he wasn't altering files
he wasn't uploading anything

he was changig t FIELDS in the configuration screen on the admin board. The BOARD NAME and DESCRIPTION

text fields.

Any idiot can see it's a flaw in the phpBB board itself.

PRIDE and EGO I think is getting in the way here.

sigh.

Latest Month

June 2013
S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
30      

Tags

Page Summary

Powered by LiveJournal.com
Designed by Ideacodes