Information on the Net-worm

[aRedMoon]

Or so you think =3~~

*ph34rz*

 

[Kipkip]

According to this:
https://securityresponse.symantec.com/avcenter/venc/data/perl.santy.html
It only affects phpBB forums that are prior to phpBB 2.0.11 which it the latest version. Google has stopped the virus from searching at it's site so now there shouldn't be much of a problem anymore. Here's also how to get you phpBB forum back after an attack.

Well, having gone 24 hours without sleep between fixing up my board and work, I thoughtr I should make the idiot's guide to all this, because I feel like quite the idiot. You'll hear a lot of people saying things like "just reupload the files" but that didn't work for me at all, so here's your ultra-simple step-by-step guide.

And remember, there are no stupid questions.

1. Download phpbb 2.0.11

2. Unzip it.

3. Open config.php and change the values for userdatabase, username, and userpassword to the values for your SQL. If you do not know the dbname, username, and password for your database you will need to ask your host for help in this matter.

<?php

//
// phpBB 2.x auto-generated config file
// Do not change anything in this file!
//

$dbms = "mysql";

$dbhost = "localhost";
$dbname = "userdatabase";
$dbuser = "username";
$dbpasswd = "userpassword";

$table_prefix = "phpbb_";

define('PHPBB_INSTALLED', true);

?>

Not screwing up at this stage is important! Make sure there are no extra lines, because if there are you will end up completely lost until your more php-saavy friend says "Well no duh it doesn't work, you probably have an extra space above the first line of congif.php". And your friends showing you that you suck at the internet isn't good.

4. Delete the old directory entirely. You may want to backup your avatars, pips, and smilies first, because for security purposes it is much safer to delete this.

5. Upload the files for php 2.0.11 just like you did when you first made your board.

6. Run https://www.yourdomain.com/yourphpbburl/install/update_to_php2011.php

If you can't figure out how to change that into your URL, you fail at life.

Or you need to let me know to explain that better.

7. At this point, if nothing has gone wrong and all your templates have also been replaced, it should work. If you are missing templates you'll need to go into the SQL and switch it to subSilver manually.

Originaly posted at phpBB's support forum.

 

[Fixen]

According to TechWorld, Google has patched it, and the threat is declared to an end.
https://www.techworld.com/security/news/index.cfm?newsID=2854

Perl.Santy.A was declared a Category 2 virus, with a high spread and medium damage. The list I posted earlier was not the blacklist for future attacks, but what has already happened. This appeared to be a collaboration of hackers.

Only two words that I hate now: SCRIPT KIDDIES. They aren't so bad this time actually. They made 300 forums go down.

 

[aRedMoon]

I read it was over 40,000 o.O;;

And yes, it's finally stopped. >_<

 

[pokejungle]

I'm glad my forums aren't phpBB >>;

I don't really think it was Google's fault though. I wonder if it had anything to do with their Application Making program =/

 

[Colette_The_Chosen]

......Script kiddie......I have a best friend who does that make-a-virus crap,and she sends it all to the school bullys.It comes in an email that looks like this:

Subject: You have won 200,000 Dollars!

Message: Please claim your prize by clicking Here.

______________________________________________________________

And when they click there, the have a wolf that dances on their screen,and it deletes everything in their 'My Documents' folder.....o.0

 

[pokejungle]

Sounds like fun ^^

I'm too nice to do something like that, but I wish I weren't!

 

[Colette_The_Chosen]

^_^ ....... Well, don't ask me for lessons.
I can hack, but I can't make viruses!

 

[pokejungle]

How do you hack? I couldn't hack into a site if I tried. [Meaning: All you webbies are safe from me! =P]

 

[aRedMoon]

No talking about hacking on PC please....

 

[HellishHades]

How do you hack? I couldn't hack into a site if I tried. [Meaning: All you webbies are safe from me! =P]

*link removed*

That's the basics. If you can't do that, then don't even think about doing complicated stuff.

 

[Geometric-sama]

Oh no you don't. You are NOT posting links to hacking sites on PC.

 

[aRedMoon]

v.v Wasn't that one of the joke ones?

 

[Scizor V]

LOL, anyways those e-mails with 'You have won 200,000 Dollars!' etc.. maybe she should re-think her method into 'Hey dude' or 'long time no see' or 'sup' or if she knows their friends name just add 'its justin i found this..' because 'You have won 200,000 Dollars!' is a clear indication on you are screwed lol

Well my friend(s) are also hackers some script-kiddies or been claimed as that. They have attacked hundreds of sites some own other anime sites and the 'competition' gets taken down. Its funny though.

 

[Geometric-sama]

Joke or not, no links to that kind of site.

 

[pokejungle]

XD

I wasn't asking for a link~! XD

I junk e-mails that look phisy. I mean fishy.