Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 06:57 am EST
Geeklog Forums
VANISHED - Forums!
ohNoes!
Anonymous
Or more precisely, all admin access to the Forum plug-in. The forums are still there, and function just fine...but the admin access from the admin panel has mysteriously vanished, along with any mention of the Forum plug-in in the plug-in admin menu.
I think we may have been hacked. But, where did the access options go if the forums are still there?
Addiitonally, I'm getting a security warning stating that we haven't yet changed the password from the default "password," on one of the accounts. I checked the admin accounts and changed the PWs just to be safe, but still get the security warning. I'm assuming that the warning isn't coming because a regular user level account is still set to the default pass, right? If so, how can it be tracked down with hundreds of users?
I think we may have been hacked. But, where did the access options go if the forums are still there?
Addiitonally, I'm getting a security warning stating that we haven't yet changed the password from the default "password," on one of the accounts. I checked the admin accounts and changed the PWs just to be safe, but still get the security warning. I'm assuming that the warning isn't coming because a regular user level account is still set to the default pass, right? If so, how can it be tracked down with hundreds of users?
26
11
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by ohNoes!: Addiitonally, I'm getting a security warning stating that we haven't yet changed the password from the default "password," on one of the accounts. I checked the admin accounts and changed the PWs just to be safe, but still get the security warning. I'm assuming that the warning isn't coming because a regular user level account is still set to the default pass, right? If so, how can it be tracked down with hundreds of users?
Yep, the block simply checks all accounts on the site, so if you've already changed the Admin and Moderator account passwords, then it's one of your users.
It can be done in the same way the block does it: Check the 'passwd' field of all users for the md5 checksum of the word 'password'.
Btw, before you do that, consider that your user may be thinking that you're spying on them when you tell them what their password is ...
bye, Dirk
15
15
Quote
All times are EST. The time is now 06:57 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content