Daniel0 Posted February 10, 2009 Share Posted February 10, 2009 mat-tastic, given that I have access to quite a lot of information about the attack I find it unlikely that it was SMF's fault. We have been attacked through a hole in SMF before though, and that was much more destructive than just leading our users elsewhere. Quote Link to comment Share on other sites More sharing options...
mat-tastic Posted February 10, 2009 Share Posted February 10, 2009 Are you seriously consider changing? I love SMF, its clean, its powerful and its just awesome. You will have a bit of a nightmare switching with the amount of data you guys have. Quote Link to comment Share on other sites More sharing options...
premiso Posted February 10, 2009 Share Posted February 10, 2009 However I very much doubt they coded a backdoor so they could access the site. The only reason I point it out, is I know of a forum that an admin got in and informed them they were using illegal software, they actually made a post a sticky/global announcement, before shutting the site to "off". Now whether this was really VBB Admin going in there or just an exploit someone found in the code I have no clue. This was back in 2001 ish. Quote Link to comment Share on other sites More sharing options...
mat-tastic Posted February 10, 2009 Share Posted February 10, 2009 Thanks Premiso, I wasn't aware of that. Shocking if they did that though, as that would be illegal. Quote Link to comment Share on other sites More sharing options...
trq Posted February 10, 2009 Share Posted February 10, 2009 @premiso, As has been pointed out smf is open source. Any backdoor would be found and closed pretty darn quickly. @mat-tastic, While it appears (at this early stage) that this attack may not have been a fault in the board. We have had smf compromised before. Its not indestructible as you seem to be indicating. I'm all for a change. But Id still like to investigate what actually happend. There are no signs of brute forcing the admin password in question, so for now, its hard to say. Quote Link to comment Share on other sites More sharing options...
premiso Posted February 10, 2009 Share Posted February 10, 2009 @premiso, As has been pointed out smf is open source. Any backdoor would be found and closed pretty darn quickly. That makes more sense. Thanks, I must have just read over it, I guess I could of just went to the site and found out. Quote Link to comment Share on other sites More sharing options...
steviewdr Posted February 10, 2009 Share Posted February 10, 2009 I take it that they didnt get in through the ZF main phpfreaks site? I know that it has some login stuff integrated into SMF. Pain in the butt. -steve Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted February 10, 2009 Share Posted February 10, 2009 Yeah the login was made directly through our smf install. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.