Turkish Hacker still very active

phpBB2.de User Anmeldungsdatum: 08.12.2005 Beiträge: 2

I was that stupid not to update phpbb and I hav version 2.0.11 on. I got hacked by Turkish Hacker team on my forum ( www.vt4um.nl ). They left a script wich lead to www.barbarity.org. My forum layout was changed and there are problems with logging in. People are redirected to www.elsevier.nl or to a 'page cannot be found'screen. When pressing the BACK button in the browser you'll find out you are indeed logged in. I have no entrance to my adminpanel. I did the update to 2.0.18 Nothing have changed. My knowledge of php/sql was/is very low. I only made backups in the admin panel. After being hacked I did some studying and learned to also making a backup in phpMyAdmin. It's to late now. Can anyone help me, recovering?
Question

info@vt4um.nl

phpBB2.de User Anmeldungsdatum: 09.11.2005 Beiträge: 6

if u have fresh back up before u been hacket instal 2.0.11
instal fresh back up and after upgrate to 2.0.18

phpBB2.de User Anmeldungsdatum: 08.12.2005 Beiträge: 2

We found out that there was something wrong in the config table.
In the domain name variable, the letters; 'http://http://" was added. This lead to a search machine search. That search machine took a gamble and redirected the user to the first page the search machine found. Problem is now solved...

phpBB2.de User Anmeldungsdatum: 01.03.2006 Beiträge: 1

I'm kind of curious if anyone figured out what the entry point was... do you know which vulnerability was exploited, and perhaps what GET request was used? I'm trying to narrow down the cause of a hack on a site that I support.

phpBB2.de User Anmeldungsdatum: 18.03.2005 Beiträge: 773 Wohnort: Denmark

A new kind of hacking mentioned here
http://www.phpbb2.de/ftopic36432.html