ievil: new admin?

Status
Not open for further replies.
Charizard88 said:
o-o

Well that is odd. I would have thought that to be the new person. :/ Unless they are turning it into a joke again as was stated by PokeChamp. .-.
Click to expand...

It is very odd.

I PM'd a moderator about this. Hopefully he will shed some light on this.
 
Wow. That's hilarious that WPM doesn't even know. Lol TurkishItalian Hackers.

dmaster out.
 
Water Pokémon Master said:
I have no idea how that happened. o_O

Banned the IP though. How weird is that! How could someone sign-up then be given admin powers on their own? The IP was from Italy, so I guess it was Italian hackers or something.
Click to expand...

I would check the admin user group. There is an option in there that allows you to make it possible for people to sign-up straight into that usergroup. So check that maybe that is how it happened. Otherwise it has to be a hacker. Just an idea that I thought might help. It has happened on one other forum I visited and assisted. So really I am out of ideas as to what could have happened unless what I said works.
 
Pandamore said:
His pro says he's using the User control panel....

Bum bum bummm
Click to expand...

Ya like 25 minutes ago. So obviously he left and later to return but who knows, if he was a hacker he will get in again...if he feels like it. Or she depending.

Rotom479 said:
That was a short lived... thing. Who banned him?
Click to expand...

WPM as he stated above.
 
The time it says he started was before he was banned.

Chances are, he could still be an admin and hasn't refreshed his page...o_O
 
Pandamore said:
Well he still is...
Click to expand...

But the minutes. If he would have navigated to ANY other page in the user control panel it would have refreshed the minutes on it. Unless he is getting through using a source code found in the user CP I have no clue why or what he is doing. I have heard of a glitch in a past mybb version that had the admin password accessible in everyones user CP, but mybb fixed it...or did they?
 
If he became an admin like that then he's smart...he could easily abuse the glitch if it wasn't fixed...
 
Brawler said:
If he became an admin like that then he's smart...he could easily abuse the glitch if it wasn't fixed...
Click to expand...

Well it would require finding another computer under a different IP address and finding the coding for everything all over again as the admin password is hidden deeply and requires coding to decipher. But it is possible they never resolved this and he is using it.

Now with the update on software we should be fine. :)
 
Okay, found out what happened.

myBB, the forum software we use, had a security exploit that was discovered a few days ago. You could register on a forum and become admin essentially. I upgraded the forum software now so that shouldn't be a problem anymore. It was probably just some random person wanting to test it out.

Next time you guys see something suspicious like that IM or email me immediately!
 
Wow, that's crazy. Man, if I had that option to be an Admin when I signed up on here, I would've tried it out. ;o

dmaster out.
 
Water Pokémon Master said:
Okay, found out what happened.

myBB, the forum software we use, had a security exploit that was discovered a few days ago. You could register on a forum and become admin essentially. I upgraded the forum software now so that shouldn't be a problem anymore. It was probably just some random person wanting to test it out.

Next time you guys see something suspicious like that IM or email me immediately!
Click to expand...

I guess I somehow got a lucky guess in that they just registered directly to the admin side. :|

I tried to IM you. Only thing is on AIM your ALWAYS away. I am Inferzard if you didn't know. :p
 
Status
Not open for further replies.
Back
Top