
phpBB "possible looming threat"

lechlech
edited March 2006 in Vanilla 1.0 Help
No, you have not yet been hacked, and phpBB is still OK. However, apparently forum watching is a new sport in looking for possible looming threats. And this seems to be a favorite for bot authors looking for a quick exploit. A friend of mine snagged this off of Digg, and I awoke to this story originally rearing its head a few days ago before Digg just caught onto it. There's even been some Vanilla/SMF name dropping as well.

The original: http://www.issociate.de/board/post/312809/phpBB_mass-hack_being_prepared_

Digg story: http://digg.com/security/phpBB_mass_hack_being_prepared_

For the most part, the concern appears warranted mainly because some random person(s) have registered the same name across several (several hundred maybe) forums, using the same name, posting mindless nonsense and advertising. I can see this scenario panning out in the Vanilla community if we don't keep our guard up, but overall, it seems like a decent enough read with potential ways to spot bots before they do any major harm and how to manage large forums vigilantly. :)

Comments

  • Seems like a really dumb way to set up an attack; more likely it's just an advertisement plant.
  • Well, it still seems like a possible attack vector; however, I doubt much would come of it, so yeah, the most I see from this is just spam. If an attacker did want to exploit some major hole in the application's security, they might be wisest to register under a different name for every other forum if they want to remain "cloaked". However, reading through the article, I did like the thought of a honeypot forum to catch bots in the act and have a means of preventing hacks such as this.
  • Yeah, but you don't need a honeypot when the bot is stupid enough to use the same name everywhere.
  • Well, in this particular case, no. But the next time, any community targeted for an attack like this probably won't be as fortunate.
This discussion has been closed.