NIMC forums got hacked

I was using invision, an old version, the version when it used to be free. I always wanted to shift to phpbb as it keeps the code updated for free. I think this is the time when I should shift to phpbb. I will certainly check the log files and find out the people behind these hackings.

I wonder what they get out of it. Bad day, I slept only for 3 hrs yesterday because of these idiots. I have a backup of 17th Aug 2006. I did not automate the whole backup system yet, so I should do that as well. I will try to bring it back asap.

6 thoughts on “NIMC forums got hacked

  1. AjiNIMC Post author

    Some possible reasons for hacking,

    Possibility 1:Invision Power Board 2.1.x vulnerable via injecting HTML into a post via hexidecimal HTML entities. This can’t be a reason as this is due to a changes in how regular expressions are executed in PHP 5 versus PHP 4.

    Possibility 2: Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and earlier before 20060308 allows remote attackers to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances. For the time being I have stopped any registrations.

  2. Rajesh

    Sir,
    as i asked u before….
    is it possible to compile the back up of IPB to PHPBB….. i know it’s not possible still i’m asking it……

    I would like to thankyou from bottom of my heart to get our community back to the track once again…… thanx a lot….
    I think it is a conicidence that……. that day u were talking about hacking and all those things and after that day we got one damn lesson on it………a practical one….I think it is one of the most disadvantage of being famous……everybody run after to catch our neck….

Leave a Reply

Your email address will not be published. Required fields are marked *