#2
07-13-2006, 11:24 AM
kgun
WebProWorld 1,000+ Club
WebProWorld MVP

Join Date: May 2005
Location: Norway
Posts: 5,709

No answer so far:

Here is additional information that may be of general interest:

Reply from a man at phpBB.com who is trying to help me:

My question:
3. It is possible to steal authentication (passwords etc.) by listening in on the connection to the site by packet sniffing. I doubt that. It is also possible to hijack session IDs and place JavaScript code (e.g. by XSS (cross-site scripting)) on the server where the board code is stored.

Answer:
Most issues with the above come from allowing HTML on the forum software.

If you are up to date with your phpBB, then usually they exploit by SQL injection, thus giving them access to the database, making themselves admin and removing other admins. This is a fault with MySQL, not PHP or phpBB.

My question:
4. Does anybody on this forum have a solution to the

Problem: How is it possible for a person to change the code without having the FTP password? Is that stolen, or are there other methods by which the problems described in the above thread can happen?

Answer:
This is usually old phpBB code, or SQL injection and Apache web server hacking. Also, this can be done by exploiting any mods you might have installed, as some of them have really obvious exploits.

I would also need to check the database for any SQL injection or other strange entries, such as hidden admins.

Also, your ISP would need to be notified as soon as everything is upgraded and is as secure as possible. They need to know the issues you are having; get them to look closely at the server logs for your website.

Any changes leave a date and time. With the logs they can track any IP address on your website that was on at the time the hack occurred.
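The last point in the phpBB helper's reply (a modified file carries a timestamp; the web server log shows which IP addresses were active around that time) is a procedure a host can run by hand, but it is easy to script. The following is an added example, not code from kgun's post or from phpBB. It assumes the host keeps Apache "combined" format access logs and that the modification time of the changed file (from `stat` or `ls -l` on the server) has been converted to the log's timezone; the log lines and the `CHANGED_AT` timestamp below are constructed for illustration, not real traffic. It lists every request in a window around the change, groups them by IP, and separately flags requests that carry the patterns mentioned above (SQL injection fragments, hits on the admin directory).

```python
import re
from datetime import datetime, timedelta, timezone
from urllib.parse import unquote

# Constructed sample lines in Apache "combined" log format (assumption:
# the host's access log uses this format). Addresses are documentation
# ranges; none of this is real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [13/Jul/2006:10:58:02 +0200] "GET /forum/index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
198.51.100.23 - - [13/Jul/2006:11:02:41 +0200] "GET /forum/viewtopic.php?t=12%20UNION%20SELECT%20user_password%20FROM%20phpbb_users HTTP/1.1" 200 2044 "-" "Mozilla/4.0"
198.51.100.23 - - [13/Jul/2006:11:05:17 +0200] "POST /forum/admin/admin_board.php HTTP/1.1" 200 814 "-" "Mozilla/4.0"
192.0.2.44 - - [13/Jul/2006:11:06:00 +0200] "GET /forum/viewforum.php?f=3 HTTP/1.1" 200 3311 "-" "Mozilla/5.0"
203.0.113.7 - - [13/Jul/2006:12:40:09 +0200] "GET /forum/index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
"""

# Constructed modification time of the altered board file, expressed in the
# same timezone the log uses (assumption: converted beforehand by the admin).
CHANGED_AT = datetime(2006, 7, 13, 11, 5, 30, tzinfo=timezone(timedelta(hours=2)))

# Client IP, timestamp, request line, status and size; referer/agent ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Patterns worth a second look after URL-decoding: a UNION SELECT fragment
# (the injection style the reply describes) or any hit on the admin area.
SUSPICIOUS_RE = re.compile(r"union\s+select|/admin/", re.IGNORECASE)


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {
        "ip": m.group("ip"),
        "time": ts,
        "request": m.group("req"),
        "status": int(m.group("status")),
    }


def requests_near(log_text, changed_at, window_minutes=15):
    """All parsed entries whose timestamp lies within +/- window of the change."""
    lo = changed_at - timedelta(minutes=window_minutes)
    hi = changed_at + timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is not None and lo <= entry["time"] <= hi:
            hits.append(entry)
    return hits


def ips_near(log_text, changed_at, window_minutes=15):
    """Map each IP active in the window to the request lines it sent."""
    by_ip = {}
    for entry in requests_near(log_text, changed_at, window_minutes):
        by_ip.setdefault(entry["ip"], []).append(entry["request"])
    return by_ip


def flag_suspicious(entries):
    """Entries whose decoded request line matches an injection or admin pattern."""
    return [e for e in entries if SUSPICIOUS_RE.search(unquote(e["request"]))]


if __name__ == "__main__":
    window = requests_near(SAMPLE_LOG, CHANGED_AT)
    print("IPs active around", CHANGED_AT.isoformat())
    for ip, reqs in ips_near(SAMPLE_LOG, CHANGED_AT).items():
        print(f"  {ip}: {len(reqs)} request(s)")
    print("Suspicious requests in the window:")
    for e in flag_suspicious(window):
        print(f"  {e['time'].isoformat()} {e['ip']} {unquote(e['request'])}")
```

On the sample data only 198.51.100.23 both sends a UNION SELECT payload and then posts to the admin directory minutes before the file timestamp; that is the address to hand to the ISP. Widen `window_minutes` if the server clock and the file system clock are not known to agree, and remember that a real log may hold many matching lines from ordinary visitors, so the grouping by IP matters more than any single hit.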