[Mild Rant] phpBB hackers
Moderator: General Moderators
[Mild Rant] phpBB hackers
A client's phpbb just got hacked because it was 2.0.20 instead of 2.0.21... replaced a dozen files' content with "by Thehacker". Grrr.
Us DevNetworkers need to make a TDD + OOP + Secure + Usable forum package someday.
Nathaniel, who does not really want to make time to upgrade phpbb whenever a hole is found
Us DevNetworkers need to make a TDD + OOP + Secure + Usable forum package someday.
Nathaniel, who does not really want to make time to upgrade phpbb whenever a hole is found
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
- AKA Panama Jack
- Forum Regular
- Posts: 878
- Joined: Mon Nov 14, 2005 4:21 pm
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
- daedalus__
- DevNet Resident
- Posts: 1925
- Joined: Thu Feb 09, 2006 4:52 pm
- jayshields
- DevNet Resident
- Posts: 1912
- Joined: Mon Aug 22, 2005 12:11 pm
- Location: Leeds/Manchester, England
Lol, I googled for some screenshots, found "Cow's Blog". He discusses the admin panel, and then links to a previous blog post with some weird CAPTCHA's, LOL, can't believe that...!You could always try the phpBB3 beta. Smile I installed it on two of my forums and it looks really nice and alot more admin features. Don't know if it is any more secure or not.
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
The last three are bearable, at least for me. But the first one... OMGWTF?
Because ever since IPB became non-free, people have been using the old, "free" versions, which are maintained and have many security problems (I actually used to use IPB, but then I discovered a hack that gave you instant admin access... and switched to phpBB)Invision Power Board is being hacked too a lot lately.
Well, they're probably just script-kiddies.I could go on a bit rant about how they are really crackers, but won't.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
The phpBB developers are constantly faced with two wildly different, but equally annoying, groups of people: Developers and Users. Developers want more Security and control features. Users want an easier to use experience. It seems every other version is a volley between the two. I'm not sure they will ever get this thing right. Of course, just about all boards are vulnerable to some form of misaligned hackdog, but it seems like phpBB is targeted. Not sure why, but I think it is.
-
klarinetking
- Forum Commoner
- Posts: 59
- Joined: Mon Jul 24, 2006 9:43 am
Everah is right, and in regards to the CAPTCHA's, I'd like to point out the following topic here. They've been asked for more secure CAPTCHA's, and there they are (although maybe too hard) and now other people are complaining. At least they're trying their best to satisfy everyone 
klarinetking
klarinetking