Web Wiz Forums - hacking again

Print Page | Close Window

hacking again

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=16929
Printed Date: 16 April 2026 at 2:22am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: hacking again

Posted By: fx5500
Subject: hacking again
Date Posted: 16 October 2005 at 8:28pm

Hello everyone.

I am using MSSQL wwf 7.92 on the server. Then some people can change the "topic headers" like what they want. If I am using ver 7.92 what should I do? I turn off the RTE editor and still they can change the headers.

Replies:

Posted By: WebWiz-Bruce
Date Posted: 17 October 2005 at 7:06am

Download and install the full version of web wiz forums 7.92 as it sounds like you have not updated all the required files successfully.

Also make sure that all passwords for admins and moderators are updated immediately to something difficult to guess and that if you are using the Access version the database is placed in a folder outside of your web site so it can not be downloaded by a hacker.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: fx5500
Date Posted: 17 October 2005 at 7:16am

Hi Borg..

Its an security open in 7.92. After I was hacked, I am search some hack sites and I have seen this code..

-----------------------

"action = "post_message.asp?PN=1" ve action=post_message.asp?PN= method=post> bunlar� bunlar�n ba��na sitenin adresini ekleyin bende mesela at�yorum action=" http://forum.ozzy.com/ - http://forum.ozzy.com/ post_message.asp?pn=1"

-----------------------

Theyre using "edit tools" for hack to site. I turn off the all edit tab in all forums.

I am sending a web site..

http://cyber-warrior.org/forum/display_topic_threads.asp?ForumID=13&TopicID=40225&ReturnPage=&PagePosition=1&ThreadPage=1 - http://cyber-warrior.org/forum/display_topic_threads.asp?ForumID=13&TopicID=40225&ReturnPage =&PagePosition=1&ThreadPage=1

This is Turkish and they are explaining how a web wiz site hack using "edit" tab.

I am using sql version 7.92. and theyre hacked me...

Posted By: WebWiz-Bruce
Date Posted: 17 October 2005 at 1:52pm

I'm sorry but I really do not understand a word you are saying could you please send me a PM edtailing how they are doing the hack and I will release a patch for this tomorrow if it is something that is not already patched.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: jcecilb
Date Posted: 17 October 2005 at 3:29pm

I am also running 7.92 on SQL and have been hacked. During the loading of my site ( http://www.lowcountrycops.com - www.lowcountrycops.com ), it redirects to http://koodmain.free.fr/ - http://koodmain.free.fr/ and that site is a black screen with the writing - Dptk 07 ownz you !!!

I thought I had all the correct updates and patches.

Any thoughts on how to get the site from redirecting?

Posted By: jcecilb
Date Posted: 17 October 2005 at 5:17pm

You disregard my earlier post.

The problem had nothing to do with WebWiz Forums.

This is a great product and my own stupidity led to my problem.

I appreciate the hardwork that has been put into WebWiz.

Thanks

Posted By: JJLatWebWiz
Date Posted: 17 October 2005 at 5:28pm

Can you provide a screen capture that shows damage?

-------------
p.s. I'm not affiliated with Web Wiz Guide in any way. I'm just an average Web Wiz user repaying my debt for the use of their fine forum by trying to help other Web Wiz Guide users.

Posted By: WebWiz-Bruce
Date Posted: 18 October 2005 at 8:51am

This issue is prently being worked on and a patch for this will be released later today or early this evening.

In the meantime anyone worried about this should disable the editing of posts within their forum.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: WebWiz-Bruce
Date Posted: 18 October 2005 at 2:02pm

There have been a few delays on this and after working on the next versoin of web wiz forums with this patch now for 12 hours solid I need a break and go home.

But I will be back in the office working on this first thing in the morning and plan to have it finshed tomorrow, I just don't want to release it without testing properly first.

The next version will have a patch for this bug as well as having new CAPTCHA images, SMTP server authentication, and a few other new features.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: WebWiz-Bruce
Date Posted: 19 October 2005 at 6:35am

Version 7.95 of Web Wiz Forums has been released which fixes this issue as well as adding a number of other new features to Web Wiz Forums, that add extra security.

Version 7.95 can be downloaded from the forum download page found in the left hand coloumn.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting