Advertisement:

Author Topic: Flash banners, a secruity risk?  (Read 19497 times)

Offline -SyN-

  • Semi-Newbie
  • *
  • Posts: 36
    • Club SyNdicate Xtreme
Flash banners, a secruity risk?
« on: July 31, 2006, 08:49:17 PM »
I recently had one for my forum and as of today I sign off of my pc and returned about an hour not only to find my forum in maintence mode but my account deleted as well. All the admins passwords were changed as well.

Next I chmoded the forurm directory to 0 and deleted my DB and restored it. Al lwas fine until it happened again less than 5 min. this time the entire forum was wiped out with the maintence mode left being seen.

I had a flash banner for a logo for about a week and 1/2 now and I am assuming that may be the case. I think since nothing like that has happened before. I'm just trying to get some advice and see if the banner is really an issue. I was using 1.1RC2 btw.

Offline H

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 21,662
  • Gender: Male
Re: Flash banners, a secruity risk?
« Reply #1 on: August 01, 2006, 07:42:35 AM »
Flash banners probably aren't able to do anything that complex although its possible.

Which version of SMF are you running?

Any mods?
-H
Former Support Team Lead
                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)
                             

Offline Dannii

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 10,210
  • Mind the volcano!
    • curiousdannii on GitHub
Re: Flash banners, a secruity risk?
« Reply #2 on: August 01, 2006, 07:57:40 AM »
If it was your banner it's very unlikely to be the cause of your problems. If someone had a flash file hosted externally that could be a big risk though.
"Never imagine yourself not to be otherwise than what it might appear to others that what you were or might have been was not otherwise than what you had been would have appeared to them to be otherwise."

Offline -SyN-

  • Semi-Newbie
  • *
  • Posts: 36
    • Club SyNdicate Xtreme
I have been hacked again! >:( Please help!
« Reply #3 on: August 01, 2006, 09:37:52 AM »
well I have been hacked again without the flash problem. I even went as far as deleting all of my tables in the database and restoring them. with the tables missing from the database, this is what I seen

www.known2own.net/forumz/

The first time it happened My account was deleted and all other admins and users could not log intothe site and forums. and the forum was left in maintence mode. So I deleted the databse and made a new one and reinstalled smf 1.1RC2 with the security patch that it offers in the package manager. I used a sql file backup thats was about a week old to restore the forum. after that I used the Nexus theme I purchased from Bloc and loded a few mods:

Visual Warning System
Smf Shoutbox (not Ultimate)
Youtube bbc tag
Google Video bbc tag
Simpleshack
spoiler tag "the newest version"
Googlebot and use the who.template.php with it
and the users seen today mod. (Forgot the actual name of it.)

And yes I know how to make mods work with custom themes if you were wondering or if it matters.

I didnt use a flash banner this time because of me thinking that it was the problem since I read about the so called security issues. Anyway this has happene after I installed the smf Shoutbox for the first time. I would hate to get rid of that mod because I love it. But I dont know Ill do whatever to prevent this from happening again. Still the link to my forums remained the same even if I completely deleted the database, reffering to the maintenance mode message.

Any help?

And yes I submitted this to the security report section btw.
« Last Edit: August 01, 2006, 09:44:19 AM by T.J. »

Offline Isaac

  • Sophist Member
  • *****
  • Posts: 1,140
  • Gender: Male
    • Funky Arcade
Re: Flash banners, a secruity risk?
« Reply #4 on: August 01, 2006, 11:13:40 AM »
Does the YouTube mod imbed the video?

Offline -SyN-

  • Semi-Newbie
  • *
  • Posts: 36
    • Club SyNdicate Xtreme
Re: Flash banners, a secruity risk?
« Reply #5 on: August 01, 2006, 11:34:14 AM »
sorry about the complaining but I did some searches and found the repair_settings.php in the tools section and ran it and noticed that,

1. the forum was in maintenece mode

2. my databse name was changed (not the actual mysql db itself)

3. had to adjust a few things

after that all is well, "for now" I hope this wont happen again but if it does I know how to fix it. I hate to have to repeadately run that file just to fix something that should of never happend in the first place.

@ Isaac

The youtube mod, like the google vid mod allows vids to be played on your forum. From another post I read, it doesnt steal anything from the actual site, its just a tag that lets you insert the vid code found at the end of a youtube or google vid link.