Hi all

I have recently had no end of problems with my old forum (not phpBBXS) constantly getting hacked, thats why I changed to this version of php it seems to be more stable.

I know that the problem was with the old FOING mod which had an exploit in it, even when patched they could still get in so in the end I gave up and dumped the modded php I was using.

The reason why I am writing this topic is to share some info with any and all users who are interested, I seem to have found the script that the hackers are using to gain control of sites, and therefore thought it would be benificial to all admins and script mods who know their code to have a look at it to find out how the exploit was used.

If I am just talking crap and it is already know how the hackers gain acces then please just ignore my rants.

Anyway here's the sharing bit, this is the code I found by doing a bit of reverse lookup; Oh yeah it's big as well;

---

CODE REMOVED BY Mighty Gorgon

Hi Daggers, hacking is very annoying.

I've removed your code, because it's to big to be attached as a code... please attach a zip instead!

Latest patched phpBB XS should be safe from RFI attacks... I hope you have applied all patches.

____________
Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON