MyBB Community Forums
Hijacked Board - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.6 (https://community.mybb.com/forum-138.html)
+------ Forum: 1.6 Security Management and Support (https://community.mybb.com/forum-153.html)
+------ Thread: Hijacked Board (/thread-140340.html)

Pages: 1 2


Hijacked Board - TinkerToyz - 2013-06-03

I created a board last year for demonstration purposes and had about a dozen members sign up and post a few things.
I ignored it for months and months and decided to reinstate the board and use it again.
I now see that there at almost 20,000 users in my SQL database and thousands of posts ... nothing to do with the subject board of course.
I fear they are using my board for porn and Lord knows what else!

How can I clean up this mess short of deleting my whole web site and rebuilding it. The PHP is fine, just need to remove all users except myself for now and delete all the posts.

Thanks
TT


RE: Hijacked Board - .m. - 2013-06-03

you can run below SQL query to remove all users except yourself (assuming that database tables prefix is mybb_)
DELETE FROM mybb_users WHERE uid <>  1

and empty below tables using database manager (I might have forgot few - but they may not make much difference)

mybb_posts, mybb_threads, mybb_forumpermissions, mybb_forumsubscriptions, mybb_forumsread, mybb_privatemessages,
mybb_polls, mybb_pollvotes, mybb_threadsubscriptions, mybb_threadsread, mybb_moderators, mybb_moderatorlog


RE: Hijacked Board - TinkerToyz - 2013-06-04

Thanks!
I'll run the scripts and let ya know how it goes.

TT


RE: Hijacked Board - pavemen - 2013-06-04

they are auto incremented fields, so when you purge the tables, you may want to think about reseting the next increment as well. otherwise your first new post will be #20000 or something

if you are using phpmyadmin, I believe it is on the operations tab for each table as you view the table.


RE: Hijacked Board - Time_to_start - 2013-06-07

Boy the titles in this forum make me feel insecure using MyBB :
"Hijacked Board"
"Security Vulnerability"
"Forums problems and security issues"
"Theme Security Error?"
"Security Issue?"
"MYBB Hacked"
"New vulnerability in 1.6.9 allows malware insertion"
"Forum Hacked"
...

lol


RE: Hijacked Board - Nathan Malcolm - 2013-06-07

A lot of the time it's due to other factors such as environment, poorly coded plugins, or lack of knowledge by the administrator. As long as you keep your forum updated and you don't do something stupid such as setting to password to '12345', you should be fine.


RE: Hijacked Board - jpninside - 2013-06-08

A thing I never understood is why people never do their possible to prevent spam if it's an easy thing to do. Just install some plugins (2 or 3 as I remember) and change some options into your administrative section and then you can prevent spam.


RE: Hijacked Board - pavemen - 2013-06-08

also, "hijacked board" in this case is not a security issue at all. its about an abandoned board that spammers took over and by took over I mean primary posters, most of the users, etc.


RE: Hijacked Board - Mr407 - 2013-06-09

(2013-06-07, 10:40 AM)Time_to_start Wrote: Boy the titles in this forum make me feel insecure using MyBB :
"Hijacked Board"
"Security Vulnerability"
"Forums problems and security issues"
"Theme Security Error?"
"Security Issue?"
"MYBB Hacked"
"New vulnerability in 1.6.9 allows malware insertion"
"Forum Hacked"
...

lol
MyBB is very secure, it's just that some people use insecure plugins or just practice poor security in general. i.e (Password123 or using @yahoo or @live/hotmail emails)


RE: Hijacked Board - MinecraftGeek - 2013-06-16

Your board has not been hijacked spam bots have entered your forum.

They're not real people.