i have been notice that some one its deleting accounts from other users on my forum is there any bug known from smf side that its been used from this kinf of person any ideas how are they doing this?
by the way the person its editing users post and then deleting them its there any way i can delete al this hacked persons post in onw shot since the person deleted the profice
You might want to check your permissions settings and check the permissions for any member groups you have created i have looked at your site but sadly dont speak the same lingo as you so dont understand
also check the moderation and admin logs
there is no known hacks in SMF 2.0RC3 that would allow someone to delete other user's accounts.
As for deleting a user's posts, if that user has already deleted the account... no, ther eis no easy way to do that, since the "poster ID" has alreayd been reset to 0... you'd have to set up a new user, then do a DB query on the username and set all of those posts to thge new user, then delete the new user and select "delete all posts" when you do that.
thanks for the replys hehe our lingo its spanish
well the person doing this is tacking for what i seen diefrents accounts and doing this nutill now hes taking moderators accounts and then doing the edits after he finish he is deleting the accounts he must be using some king of trick over smf because it haven do anything else in the logs you can see user deleted his own account nothing else
It also suggests someone has pre-guessed either your password or that of one of your staff.
Edit : now I've seen your last post change those passwords. lol
QuoteEdit : now I've seen your last post change those passwords. lol
can you explain this to me :o
i was thinking that has pre-guessed the passwords the first time but it have been pre-guessing already like 4 accounts i dont really think its a thing of has pre-guess he must know something we dont and its always moderators accounts
Esto esta curioso de verdad.
As far as I know, there are no hacks for SMF.
I can think of several things I would do to try and see what is going on.
First of all, the logs should be showing who is or what IP's are deleting the accounts along with the username they have logged in with.
What would I do?
Still thinking it could be that this person has used a cracker and has some ones pass. That be a MOD or Admin pass.
I would remove all MODS extra ADMINS privileges for now. I would also disable the ability for anyone to delete an account with out permission.
I would also tell the team of the page what is going to happen. I would also tell all of them to make strong passwords, change the passes.
(Maybe this person is getting the pass thru MAIL?) That could be and that would pretty much ruin changing the password which might be a sign of being keylogged.
Maybe one of your team is trojaned or KeyLogged since you do have a warez site maybe one of your boys is not using an Anti virus.
There is a lot to do but check the logs first and then go down the line.
No se que mas decirte pero tu pagina esta muy buena :)
Suerte.
if he guessed the password to one account with admin privs, he could then change passwords and email addresses on other accounts and move on to them.
As I said, there are no known security holes in 2.0RC3 (assuming that is what you are running)
However... there could be a hole in one of your mods. What mod(s) are you running?
QuoteNo se que mas decirte pero tu pagina esta muy buena
GRACIAS PANA eres bienvenido cuando kieras
im running 2.0RC3 and the mods are
Registered Links
nCode Image Resizer
SimplePortal
Favicon
Download and Password BBC v3.0 for SMF 2.0 RC2 Release
Thank-O-Matic
Load Standard Language
Yet Another Global Announcements Mod
Related Topics
Tidy Child Boards
Topic Solved
Member Color Link
Megavideo BBCODE
Stop Spammer
Ad Management Mod
Global Headers Footers
Sitemap
Copyright & Footer Links | S-Ace
PaypalDonations
Redirect on Login and/or Logout mod
YouTube BBCode
Hide Tag
if your a mod you can change the password of other mod? maybe this is the case but i dont think a mod can do such a thing
I have never read or heard about any of MODIFICATIONS you just posted to your forum as having exploits.
To answer your question
if your a mod you can change the password of other mod?
I don't think a mod has those powers unless he was given them.
You have to go through the settings and see what powers the mod has.
DID YOU CHECK THE LOG FILES?
There is a section in the SMF settings that lets you see anything and everything being done via the log files. That is where I would start looking.
well i saw in the admins log that the user xxx has deleted his account and in the mod log that the user xxx edited some of his posts and then deleted his account no more to see in the logs
in the permitions of the mods i was now seying and the mods dont have any permition to change nothing about other users
this are the permitions of the mods i have there in spanish
(https://www.simplemachines.org/community/proxy.php?request=http%3A%2F%2Fi32.tinypic.com%2Famuyck.png&hash=6947af0dd88f8e802e5632a512aa668f7513dd11)
(https://www.simplemachines.org/community/proxy.php?request=http%3A%2F%2Fi31.tinypic.com%2F10mifqa.png&hash=37737aa46969bceb4f9acc41b84d6cff288c4f32)
(https://www.simplemachines.org/community/proxy.php?request=http%3A%2F%2Fi26.tinypic.com%2F5x683m.png&hash=c575ba017bee9235a82a8a16790b9e06b5a97f8a)
(https://www.simplemachines.org/community/proxy.php?request=http%3A%2F%2Fi29.tinypic.com%2F2zolrol.png&hash=efe23b628a52ed6590993305ef5b7db5d40ca5f9)
Tiene que estar usando una quenta de Admin.
Cuantos Admin's tienes?
I am unfamiliar with this mod:
Download and Password BBC v3.0 for SMF 2.0 RC2 Release
what is it supposed to do? (because the mod has been removed from the smf mod site)
QuoteDownload and Password BBC v3.0 for SMF 2.0 RC2 Release
this mod is for putting download links and inserts passwords
QuoteTiene que estar usando una quenta de Admin.
Cuantos Admin's tienes
no man creeme hasta ahora solo e tenido este problema con 3 o 4 cuentas de moderadores primero pense que era cosa de nu troyan pero el ultimo afectado ni usa su pc asi que estoy descartando esa posibilidad
hmm drop all staff to normal members (you will be the only staff member)
now go change your password to something else but misspell it
example cakes = caces ple who use a crackers never load a list of misspelt words
use a password like this also if you want a hard word o@*0_6 o_Jj8 6%#$!^& MAR
now go change the database password too
and if i was you i would contact all members and ask them if YOU can change there emails to your choice as a temp thing for now
you can go make a mew email to assign all members too and if any of them need to reset there passwords you get the email and you can reset it for them
Quote from: Kindred on July 28, 2010, 05:18:14 PM
there is no known hacks in SMF 2.0RC3 that would allow someone to delete other user's accounts.
As for deleting a user's posts, if that user has already deleted the account... no, ther eis no easy way to do that, since the "poster ID" has alreayd been reset to 0... you'd have to set up a new user, then do a DB query on the username and set all of those posts to thge new user, then delete the new user and select "delete all posts" when you do that.
Actually, you could just use the built in function.... Create a new user, call it whatever - for example Trash - and go to Administration Center » Forum Maintenance » Members
and reattribute all the to be deleted posts to the newly created member, and then delete that member and it's posts :)
Quote from: BoxingChaos on July 28, 2010, 08:19:09 PM
Tiene que estar usando una quenta de Admin.
Cuantos Admin's tienes?
Could you please use the English language ? Or go to the language specific board for support.
QuoteActually, you could just use the built in function.... Create a new user, call it whatever - for example Trash - and go to Administration Center » Forum Maintenance » Members
and reattribute all the to be deleted posts to the newly created member, and then delete that member and it's posts
thanks great idea ;D
Quotehmm drop all staff to normal members (you will be the only staff member)
now go change your password to something else but misspell it
example cakes = caces ple who use a crackers never load a list of misspelt words
use a password like this also if you want a hard word o@*0_6 o_Jj8 6%#$!^& MAR
now go change the database password too
and if i was you i would contact all members and ask them if YOU can change there emails to your choice as a temp thing for now
you can go make a mew email to assign all members too and if any of them need to reset there passwords you get the email and you can reset it for them
great idea 2 i was thinking all nigth and didint come up with an idea of what tecnike he is using any way i will do the email change to see what happends
well tried to do the email change but its said
QuoteHan ocurrido los siguientes errores al intentar guardar tu perfil:
* Otro usuario ya se encuentra registrado con esa dirección de email.
there it says theres an error another user is already using that email :o
i tried to making a new user named trashcan and moved all post of deleted guest from mi forum to this new account but wen deleting this account the post are still there and the post have the name of the original poster ...
how do i change the database user and password ?
through your server cpanel, and then change the line sin settings.php