Install
Starfoxtj
Description:
"The majority of hackers who gain access to your board add malicious information into your forum or site descriptions. The most common are the javascript, and iframe tags. By adding these to your descriptions, they can embed "hacked by" messages, songs, music and page redirects.
Most of the harmful tags cannot be seen by viewing the forum index.
This section scans all forum descriptions showing you the actual text, including the added information.
This scrip will scan for the following tags: <, >, <script, <javascript, script>, <iframe, <frame, iframe>, frame>, <embed, embed>
The first two characters, are considered a minor risk. The rest, are considered major risks. (Explained below).
On most hacked forums where the hacker added an iframe or javascript into a description, the board administrator is unable to view the forum, or even enter the admin panel to remove it. With this tool, if any harmful or malicious tags are detected in the forum description, you have the option to Sanitize it. Sanitation converts the characters that make the tags harmful, into safe, non-harmful equivalents.
The two special characters that allow the script and javascript tags to be harmful, are the left and right arrows. The left and right arrows, when surrounding a body of text, are invisible when viewed through a browser. When this script sanitized a description, it converts the left and right arrows, into harmless "html entities". An html entity is a code value that is used to represent the left and right arrows (among other special characters). The left and right arrow characters can be "printed" on the screen using the html entities: < for the left arrow, and > for the right arrow.
By converting the left and right arrows to their represented code, they are displayed in the browser as harmless arrows. Since they are no longer actual arrows, but the code equivalent, they no longer pose a threat to your forum. You can then login to your admin panel like normal, and remove the extra code.
If a description contains the left, and or right arrow < >, it will be highlighted in yellow. Yellow indicates that these characters, may possibly be used in a harmful way. This is not always the case though; just because the description contains the left or right arrow, does not mean it is insecure or harmful. Many administrators use them by choice on their website, for line breaks
, images <img> and font modifications <font>. I would suggest double checking these descriptions to ensure they contain only what you wrote.
If a description contains any of the other tags, such as the famous iframe, javascript or embed tags, it will be highlighted in red. Red indicates that these descriptions almost certainly contain harmful information. Hardly any administrators use these tags in their forum descriptions, but hackers almost always do. Read through the descriptions highlighted in red, and unless you intentionally intended to add that code, sanitize it".
Source: Starfoxtj Admin Panel
Note if your forum has been hacked and you were admin, but now reduced to moderator, you get additional problems, since you can not update a moderator to admin.
Here is my question to the person who made Starfoxtj:
I think you are the creator of Starfoxtj.
I am the owner of ForumNorway.com that has been hijacked. I have posted a post at WebProWorld,
http://www.webproworld.com/viewtopic.php?t=65091 where you can read more about the problem.
A man from phpBB has upgraded the forum and helps me now. But there are something regarding Starfoxtj that I do not understand.
I was able to upgrade him (new user) to Administrator, but not my Son and myself. I am reduced to moderator by a hacker.
I also tried to change our status to users, but that did not work either. Is there a security whole in Starfoxtj?
Can the hacker have placed code on the site or in the MySQL database that prevent that action by Starfoxtj.
Here is the answer:
Because of the way moderator accounts work, I did not
include an option in the toolkit to change the user's
user_level if they are a moderator. The reason is
because TONS of additional changs need to be made to
remove a user's moderator permssions.
Register a new account, then go into the toolkit (its
called a "ToolKit" btw, starfotj is my nickname), and
promote the new account to an admin.
Then goto the security scanner, and demote/ban any
fake admin accounts that are listed. After that, log
into phpbb wiht your new admin account and goto "User
Permissions" and remove any moderator permissions from
your original admin account. Then promote it back to
an admin within phpbb.
After that change your ftp, database and admin account
passwords and update to 2.0.21!