Please Help, Hacked by Turkish hackers.

MegaV1 · May 27, 2006, 05:05:49 PM

if i let guest posts, how does this problem work?

winrules · May 27, 2006, 05:06:47 PM

Quote from: MegaV1 on May 27, 2006, 05:05:49 PM
if i let guest posts, how does this problem work?

The problem is with allowing guests to shout, not post.

MegaV1 · May 27, 2006, 05:07:51 PM

okay, if the guest shouts, how does this problem work and how do i prevent it from being used on my forum?

winrules · May 27, 2006, 05:11:26 PM

It is only a security problem is you use TinyPortal (or maybe the Ultimate Shoutbox Mod, I'm not sure if that was affected, too). Look here for the fix.

MegaV1 · May 27, 2006, 05:13:20 PM

i'm using SimplePortal + Ultimate Shoutbox

Harzem · May 27, 2006, 05:40:59 PM

Ultimate Shoutbox also has a fix, but I don't know where it is released.

They exploit the vulnerability, by using

<script language="javascript">location="www.forwardsite.com"</script>

as their poster name in shoutbox. The completely correct code is not the one above, for security reasons

MegaV1 · May 27, 2006, 05:47:29 PM

by using that code, what do they hope to achieve?
i don't understand

Harzem · May 27, 2006, 06:02:41 PM

They simply redirect your page to another site, where they usually have the "hacked by" thing.

forsakenlad · May 28, 2006, 10:05:00 AM

LOL, My name is Eren too

News:

Please Help, Hacked by Turkish hackers.