How My Forum Was Hacked - Fix?

Started by kaamaru, January 07, 2010, 03:26:02 PM

kaamaru

One of my global mods' accounts was hacked. This is what he did:
Quote: By the way, Greml1n hacked iPhone's account by using the same IP address as him. I'm still on speaking terms with him, so he told me how he did it.

How do I fix this?

Deaks

I'm sorry, what did he do exactly? Hacked your global mod's account? Suggest he change his password.
~~~~
Former SMF Project Manager
Former SMF Customizer

"For as lang as hunner o us is in life, in nae wey
will we thole the Soothron tae owergang us. In truth it isna for glory, or wealth, or
honours that we fecht, but for freedom alane, that nae honest cheil gies up but wi life
itsel."

kaamaru

He gained access, as I think the forum auto-logged him in, as the hacker faked his IP so he had the same IP as my mod.

Kays

That shouldn't happen as SMF also checks the cookie for verification of who it is.

If at first you don't succeed, use a bigger hammer. If that fails, read the manual.
My Mods

SN

I read the "story" on your forum about how it all happened.

To me it sounds like your mod, iPhone, is not telling you the truth.

kaamaru

But my other mod wrote the quote at the top. Do you really think he lied?

kaamaru

Another weird thing is the hacker used a proxy when posting, which meant that he could not have used the same IP as my mod.

SN

I don't know, but it all doesn't seem to add up to me, or seem possible to be able to do that.

I can't see how your mod can post "Im getting logged out HELP" before he actually gets logged out. Then all of a sudden his account gets hacked.

Seems a bit strange to me.

kaamaru

If you put that to the side: if the hacker had the same IP, would he have been able to hack my mod's account or be logged in because he had the same account?

SN

I can't see how it is possible for someone to have the same IP, unless they are using the same PC.

Anybody can hack anyone's account if their password isn't strong. But for example, if I hacked your account, it would not show the same IP if I was logged in on your account.

The whole IP thing IMO doesn't sound like that is possible for him to do.

And look at what Kays said also.

kaamaru


Kays

I commonly use two browsers with two different accounts when working on my site. I use IE for my main admin account and FF for guest and member viewing. Obviously, they both have the same IP address and I've never had FF log into my main account unless I deliberately login to that account.

The individual does need to login with user name and password to gain access to an account.

Have you got a link to that "story" ?

If at first you don't succeed, use a bigger hammer. If that fails, read the manual.
My Mods
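
The behaviour described in the post above, two clients on one IP address where only the one holding a login cookie is recognised, as an added example that is not part of the original thread and is not SMF's own code. It is written in Python for illustration; the function names, the cookie layout and the sample addresses are assumptions.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # per-site secret, never sent to clients


def _sign(user, expires):
    # MAC over the cookie's claims; only the server can compute it
    return hmac.new(SERVER_KEY, f"{user}|{expires}".encode(), hashlib.sha256).hexdigest()


def issue_cookie(user, ttl=3600, now=None):
    """Issue a login cookie; call only after the password check succeeds."""
    expires = int((time.time() if now is None else now) + ttl)
    return f"{user}|{expires}|{_sign(user, expires)}"


def authenticate(cookie, client_ip, now=None):
    """Return the user named by a valid cookie, else 'guest'.

    client_ip is accepted for audit logging only; it never grants identity.
    """
    if not cookie:
        return "guest"
    parts = cookie.rsplit("|", 2)
    if len(parts) != 3 or not parts[1].isdecimal():
        return "guest"
    user, expires, mac = parts[0], int(parts[1]), parts[2]
    if not hmac.compare_digest(mac.encode(), _sign(user, expires).encode()):
        return "guest"  # forged or tampered cookie
    if expires < (time.time() if now is None else now):
        return "guest"  # expired cookie
    return user


def demo():
    shared_ip = "203.0.113.7"  # constructed: both clients appear from this address
    mod_cookie = issue_cookie("global_mod")  # constructed account name
    forged = "global_mod|9999999999|" + "0" * 64  # constructed guess at a cookie
    return {
        "mod_browser": authenticate(mod_cookie, shared_ip),
        "same_ip_no_cookie": authenticate(None, shared_ip),
        "same_ip_forged_cookie": authenticate(forged, shared_ip),
        "copied_cookie_other_ip": authenticate(mod_cookie, "198.51.100.20"),
    }
```

The last case in `demo()` shows the defensive consequence: identity follows the cookie, so protecting the cookie and the password matters, while matching an IP address grants nothing.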

Arantor

Either that or was able to spoof the cookie and session id, though that is unlikely under normal circumstances. I note you're using a separate app, which seems suggestively insecure :(

kaamaru

The app is just a web browser to view the forum.

Story http://ihackmyi.com/iphone/index.php/topic,4985.0.html

so was it my mod?? :(?

Arantor

If your custom browser authenticates based on IP address, possibly. How does it authenticate users? Or is it just a true regular browser?

kaamaru

A regular browser. It's a mod that changes the theme if an iPhone or iPod touch is detected.

kaamaru


Arantor

Probably not, in that case.

I don't know what to suggest :(

butchs

Could have been someone who borrowed the mod's phone, a kid or he did it by accident.

If it was me I would temporarily limit some of the mod's permissions to protect the board (the big stuff). Then ask him to try a stronger password. If nothing happens in a week or so then I would reset the permissions.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

SN

Yes, that's a good idea. Maybe set it so they can only unapprove posts and not delete them, and when it's unapproved you can have the final decision to delete it or not.
