MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Is it possible - mysql injestion on mybb, how to hack a mybb forum?
Full Version: Is it possible - mysql injestion on mybb, how to hack a mybb forum?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

james12

2010-08-19, 06:43 AM
Hello,

I have 3 questions

1. How to mysql injest a mybb forum.

2. Cross site scripting, any specific files are needed to change for that to happen so it can be called a cross site scripting.

3. What are the ways to hack a mybb forum.

Please list the possibilities that you think can arise according to you and how to prevent them?

I see that www.forums.digitalpoint.com is never hacked, how is that possible when we all have to be online with the fear of getting hacked.

Do they take steroids or its just that they can spend a lot on these security things and "us" being new and without the ability to invest so much have to be online with the fear.

Probably the security people don't want to tell all the things for free to us or else how they will arrange their food. But for the sake of it, as this is a society of people who help each other, tell us all what to do to prevent hacking upto the standards at www.forums.digitalpoint.com

I don't want to hear it is not possible to not get hacked, anybody can get hacked - And i want to say to them why not google get hacked or digg or twitter, why only new sites of people for whom just being online is like a dream get hacked.

Please post the possibilities to hack a mybb forum and how to make mybb more secure.

All suggestions and ideas are welcome Lightbulb

Diminished

2010-08-19, 06:47 AM
http://mattrogowski.co.uk/2009/06/24/myb...en-hacked/

james12

2010-08-19, 07:02 AM
Thanks, we need more of these suggestions - the link in my sig is the same as the link posted by new. But every word is new when you are looking for more security.

So how to stop mysql injestion - As google never get hacked does that mean they have saved their files in God's hosting dataservers.

Matt

2010-08-19, 07:13 AM
Do you really think we'd release MyBB unpatched if this was possible??

1. You can't, there are no known SQL injection vulnerabilities. If there were, we'd fix them.

2. You can't.

3. As above, there are no known security vulnerabilities, if there were, we'd fix them.

Just because Digital Point haven't got hacked doesn't mean they're any more immune to it that you or I are. Not all hackings are even the software's fault but if we find something that can lead to SQL injection or something, it's fixed.

james12

2010-08-19, 07:19 AM
Thanks, that's why I am using Mybb Smile

But it can't be called that mybb is [un]hackable.

Jammerx2

2010-08-19, 07:56 AM
MyBB is secure, however there is almost always a way for a user to get hacked. It will not be through MyBB though, unless you have modified files or insecure plugins.

Regards,
Jammerx2
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Is it possible - mysql injestion on mybb, how to hack a mybb forum?