turkish hacker hack. Can I hire some one from here to fix DB

phpBB2.de User Anmeldungsdatum: 26.11.2005 Beiträge: 2

Hi Reliable
Where on earth do you get the time to help all these folks out! Great job though!

May I also come to you as a poor sod that didn't upgrade in time, just to be hit by the bored little inferiority complex who's only claim to fame is that he used somebody else's idea to break somebody else's toy because he probably couldn't have one of his own?

The Turkish hacker managed to mess up my client's forum. I couldn't be bothered to fix what he did because I knew I had to upgrade. Apart from the administrator being replaced he didn't seem to have caused any other damage to the database. So, firstly I tried to do an upgrade, but that failed. I then did a new install and then imported the data from the tables one by one from the existing database. Unfortunately my backups are a bit old, so I figured this to be the better option.

I then discovered that all the poster_id on posts by admin were replaced by -1 which made them guest postings. I replaced these with the correct poster id, but now the Author column in the forum index still displays Guest in stead of Admin. How do I fix this?

Any help will be greatly appreciated.
Kind Regards

What's the URL to your forum?

phpBB2.de User Anmeldungsdatum: 27.11.2005 Beiträge: 1

Hi
I too have been hacked

www.node-net.com/phpBB2/

Anyhelp appreciated.

phpBB2.de User Anmeldungsdatum: 26.11.2005 Beiträge: 2

http://www.montessori.org.uk/msa/phpBB2/

phpBB2.de User Anmeldungsdatum: 17.12.2005 Beiträge: 4

I have the same problem

http://k13.pixxelfish.de/

thx!

Did you try doing what I posted on this topic?

phpBB2.de User Anmeldungsdatum: 17.12.2005 Beiträge: 4

I'm not able to delete the "HACKED" Forum - the forum configuration menu at the ACP is also infected with the html-code of this turkish guys.

phpBB2.de User Anmeldungsdatum: 17.12.2005 Beiträge: 4

Reliable hat folgendes geschrieben:

Did you try doing what I posted on this topic?

Yes, I think so.
These turkish guys deleted my admin account and placed a new Forum inside called "HACKED".
After that I recreated my admin account using the PHPBB Admin ToolKit (http://starfoxtj.no-ip.com/phpbb/toolkit) and made the "HACKED" Forum invisible to the "normal" users - now the whole forum is like it was before, exept of the admin account.
I tried to delete the "HACKED" forum but this part of the ACP is infected, too.

What's the URL to your site?

phpBB2.de User Anmeldungsdatum: 17.12.2005 Beiträge: 4

http://k13.pixxelfish.de/

phpBB2.de User Anmeldungsdatum: 13.03.2006 Beiträge: 1

I too have the same problem Sad

I would really appreciate some help. My webhost have tried to restore the forum, but to no avail. Now I have no idea what is going on. You can see the bits and pieces here:

http://www.mybeads.com.au/forum/
http://www.mybeads.com.au/forumBACKUP/
http://www.mybeads.com.au/forumhacked/

I don't know if there is even a database in there now.... I don't know what the database is called - I tried to download a copy of the db, but I am not sure if this is it... called phpb1, it contained stuff like,

"DROP TABLE IF EXISTS phpbb_auth_access;
CREATE TABLE phpbb_auth_access (
group_id mediumint( Cool

NOT NULL default '0',
forum_id smallint(5) unsigned NOT NULL default '0',"

Is that the db? Like I said, I would really appreciate some help. I am lost!
Thank-you,
Michelle.