Help needed: phpBB2



OPM
03-17-2005, 11:32 AM
A malicious user hacked the message boards that are hosted on my account. I lost all admin privileges. Is there any way to salvage anything? Everything was changed so there's no way of retrieving my password.

j103c
03-17-2005, 12:08 PM
Don't you have access to the database on the server? You should be able to get in and reset the password on your admin account. That should get you admin access again, but you will need to plug up your holes to prevent it from happening again.

I have an account with phpnuke running, but not just phpbb, so I can't walk you through the table structure and such. Needless to say, if you have access to the database, you can get your admin account back. How much damage was left behind by the malicious hack in the content of your forums could be another story.

You'll want to walk through all your users and such after getting back up to check for holes. Might be good just to back up your db (once you go through it), do a total reinstall of the files, and then import your database back.

OPM
03-17-2005, 01:58 PM
I'm not all that keen on phpbb as it is. Do you have a link that lists all the various security issues?

j103c
03-17-2005, 02:05 PM
No, I don't, but you should upgrade to the latest (which is 2.0.13 right now), and then keep an eye on the phpbb forums:

http://www.phpbb.com/phpBB/

You might also keep watch on the Secunia Vulnerability report for phpbb:

http://secunia.com/product/463/

OPM
03-17-2005, 02:12 PM
Okay, thanks. Also, do you have any idea which table my admin stuff would be in for me to reset the password?

j103c
03-17-2005, 02:21 PM
I'm not sure because I don't have a standalone phpbb installation, but I did find this:


..just search your phpbb_users table in your database for users that
have a user_level = 1. Those are admins. User_level of 0 corresponds
to regular users and User_level of 2 are moderators.

I would guess there would be a password column on the admin user that you find.
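
An added example, not part of the thread or of phpBB's own code: once database access is back, the user_level values quoted above can drive a check of privileged accounts against the staff you expect. The table is a constructed SQLite stand-in; every column other than user_level, the account names and the cutoff timestamp are assumptions.

```python
import sqlite3

# user_level meanings as quoted in the thread.
LEVELS = {0: "user", 1: "admin", 2: "moderator"}

def build_sample_db():
    """Constructed stand-in for the forum database (in-memory SQLite)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE phpbb_users (user_id INTEGER PRIMARY KEY,"
        " username TEXT, user_level INTEGER, user_regdate INTEGER)"
    )
    db.executemany("INSERT INTO phpbb_users VALUES (?, ?, ?, ?)", [
        (2, "boardowner", 1, 1075000000),
        (3, "helper", 2, 1080000000),
        (4, "regular", 0, 1090000000),
        (57, "newadmin", 1, 1111000000),  # registered just before the incident
        (58, "odd", 7, 1111000500),       # level outside the documented set
    ])
    return db

def audit_privileged(db, expected, since):
    """List accounts above regular-user level that need a manual look.

    expected: {username: user_level} for the staff you actually appointed.
    since:    Unix time of the earliest suspected compromise.
    """
    findings = []
    rows = db.execute(
        "SELECT user_id, username, user_level, user_regdate"
        " FROM phpbb_users WHERE user_level <> 0 ORDER BY user_id"
    )
    for uid, name, level, regdate in rows:
        reasons = []
        if level not in LEVELS:
            reasons.append("unknown user_level")
        if expected.get(name) != level:
            reasons.append("not on expected staff list")
        if regdate >= since:
            reasons.append("registered after cutoff")
        if reasons:
            findings.append((uid, name, level, reasons))
    return findings

if __name__ == "__main__":
    staff = {"boardowner": 1, "helper": 2}
    for finding in audit_privileged(build_sample_db(), staff, 1110000000):
        print(finding)
```

Run the same comparison again after restoring from backup, since a restored table can carry accounts created before the backup was taken.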

OPM
03-17-2005, 02:24 PM
Ahhh okay, I'll try that when I get home. Thanks for the help. I'll probably have more questions later =x

torrin
03-17-2005, 04:08 PM
I was reading over at the phpBB website (http://www.phpbb.com) about some other hackings and came across the phpBB Admin Toolkit (http://starfoxtj.no-ip.com/phpbb/toolkit/index.php). You might want to give that a try.

OPM
03-17-2005, 05:55 PM
Awesome, admin toolkit did exactly what I needed. But not before all the information got wiped =(.

j103c
03-17-2005, 06:14 PM
WestHost advertises they do nightly backups. You should ask them to restore your db.

wildjokerdesign
03-17-2005, 07:00 PM
OPM,
What version of phpBB were you running? Did you upgrade to php version 4.3.10?