Web Wiz - Green Windows Web Hosting
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - Hacked by raco55 Help Me please
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Hacked by raco55 Help Me please
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
TechnoDream View Drop Down
Newbie
Newbie


Joined: 23 May 2005
Status: Offline
Points: 24 		Post Options Post Options   Thanks (0) Thanks(0)   Quote TechnoDream Quote  Post ReplyReply Direct Link To This Post Topic: Hacked by raco55 Help Me please
    Posted: 30 December 2005 at 6:24am
Hello
 
Help Me please
 
web wiz forum hacked all version
 
User is Turkey nick raco55 hacked ale forums world
 
 
 
 
 
user registration and pasword admin and closed forum and delete all
 
where password admin???
 
sorry my english bad
 
help me please
 
My version forum 7.92
 
Turkey people group hacked forums web wiz forums
 
 
 
 
 
 
 
 
 
WHERE BUG WEB WIZ FORUMS???
 
help!!!!!!
 
 
 
 
 


Edited by TechnoDream - 30 December 2005 at 6:33am
Back to Top
Tgard View Drop Down
Groupie
Groupie
Avatar

Joined: 25 December 2004
Location: Sweden
Status: Offline
Points: 48 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Tgard Quote  Post ReplyReply Direct Link To This Post Posted: 30 December 2005 at 9:45am
hi ...I suggest u delete the hole forum and install it again and this tims put the database some were else on ur computer where he cant access it...
Back to Top
JCH2 View Drop Down
Groupie
Groupie


Joined: 04 February 2005
Status: Offline
Points: 129 		Post Options Post Options   Thanks (0) Thanks(0)   Quote JCH2 Quote  Post ReplyReply Direct Link To This Post Posted: 30 December 2005 at 3:55pm
Tgard is right.  This type of thing is usually only possibly if you've placed the database in...
  • a browser accessible directory, and/or
  • a directory that isn't hidden, and/or
  • the file name of the database hasn't been changed, and/or
  • the location of the database is the default installed directory.

This type of amateur "hacking" is only possible if the hacker can depend on the database being in an accessible directory or in the default name location that s/he knows from studying the standard WWF package.  Download your database (if using Access) and change as many of these options for the database as possible before you manually reset the admin name/password and re-upload it. 

Back to Top
clownfire View Drop Down
Newbie
Newbie


Joined: 25 July 2005
Status: Offline
Points: 16 		Post Options Post Options   Thanks (0) Thanks(0)   Quote clownfire Quote  Post ReplyReply Direct Link To This Post Posted: 30 December 2005 at 8:51pm

It would be a shame if that is happening because that like item number 1 on the install instructions.

Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 31 December 2005 at 11:56am
The Turkish hacker is using a number of exploits to get in, he mainly uses CSS to deface your site and place an image on there that says you have been hacked.

Please read the following on how he hacks sites and ways to prevent it:-

  1. He looks for older versions of Web Wiz Forums, or ones that have not been updated correctly and then uses old exploits to get in. To prevent this make sure you are running the latest version.

  2. He downloads the Access database and gets admin username and password from that. Make sure you place the database out side of your web site where he can not download the database see, http://www.webwiz.net/web_wiz_forums/docs_access_move_db.asp

  3. He also looks for holes in the servers own security, for sites that have not setup permissions securely and have write permissions enabled on public files and folder, this allows a hacker to upload his/her own files to the server to deface of hack the site. Permissions need to be set by your web host, contact them to setup secure permissions for your site.

  4. Do not enable upload features in the forum. For uploading to work you need to make your server insecure by enabling write permissions on the upload directory, these can be used by a hacker to hack your site (as in point 3).
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
JJLatWebWiz View Drop Down
Groupie
Groupie
Avatar

Joined: 02 March 2005
Location: United States
Status: Offline
Points: 136 		Post Options Post Options   Thanks (0) Thanks(0)   Quote JJLatWebWiz Quote  Post ReplyReply Direct Link To This Post Posted: 04 January 2006 at 12:28am
Originally posted by clownfire clownfire wrote:

It would be a shame if that is happening because that like item number 1 [a browser accessible directory] on the install instructions.

 
The first risk of having the MDB in a browser accessible folder is that any browser can download the entire MDB all in one shot.  That means that every email address you have in the database is wide open for the world to see (maybe we should think about encrypting the email address), every restricted forum is open, every username is known by the hacker.  Now, the hacker has the hashed password, which is still pretty safe, but if the password is something simple like a dictionary word or just stupid, the hacker can perform a dictionary attack or even a brute force attack to determine the admin password.  Such an attack is nearly impractical to run through the web interface.
 
So, assuming you changed the password from the default "letmein" and didn't change it to "admin123", and haven't sent a Private Message (which are stored in the exposed MDB) with the admin password, then the only security risk left is from the hacker somehow being able to upload a modified MDB back to the web server in the same location.
 
WWF will only allow a user to upload files to directories specified in the configuration record and only files with safe extensions like jpg and zip.  So in order to upload the MDB with a new admin password hash, they had to modify the configuration record first, which they could not do without knowing the admin password.
 
As far as I can tell, except for a ridiculously simple admin password, the only way to truly hack the WWF MDB (even if it's stored in an unsafe location) is to compromise the host server.
 
IMHO
p.s. I'm not affiliated with Web Wiz Guide in any way. I'm just an average Web Wiz user repaying my debt for the use of their fine forum by trying to help other Web Wiz Guide users.
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.