• Welcome to Simple Machines Community Forum. Please login or sign up.

Rpcservers got hacked by metropolis

Started by kainfax, January 13, 2011, 02:16:01 PM

Previous topic - Next topic


Hello today we got hacked by metropolis

the txt was: Hacked by Metropolis, Just for fun, thank you google!
We use: SMF rc4
website: rpcservers.co.uk but the problem is fixed now.
but how did he hack ours forum ?

Thanks for reply


what mods do you have installed? do you have any other php apps running on your server? have you contacted your host about this?


Are you on shared hosting? Often the cause is another account getting hacked which the hacker then uses that account to affect the other accounts.  Definitely contact your host, ask them if they know how/why it happened. If you still feel SMF was the culprit, feel free to submit to our security page.
IchBin™        TinyPortal


We using Simple portall
and SMF RC4 nothing more...
No I havent conateced my host about this, we are using Tmdhosting.com. i just reporting this becuase maybe your can do something about this, maybe fix this ect...

Thanks for fast reply.,


there are no known vulnerabilities in smf at this time. please request your host to look into the issue. if they can point it back to smf then fill out the form linked above.


Could you perhaps post a link to php info?

TMDHosting are oversellers, big time. As they apparantly dont know a hard drive has limits, perhaps they also dont know how to secure their server and your account was cracked due to  bad security policy and another client running something hackable.

This is not caused by SMF.
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.


G.C. SOLUTIONS - Hosting Quality Sites Since 2006. Experience Your Forums On A Whole New Level
Elastic Sites Stress Fast CPU/Ram Upgrades- More Info Here.
Reviews By SMF Forum Owners - Read Our Rev


This is not in SMF, indeed. If you google the message "Hacked by Metropolis" you may find PHP-Nuke among others, as well as sites downloading trojans on users' computers. (do NOT trust those saying they "found" a "security vulnerability on your computer", they're hoax. May be best to not access them at all, except from a very secure computer.)

Please do check with your host, as mentioned above.
Also do check your own computer, throughfully, as well as anyone's computer which has FTP access to your forum.

Cross-posted with tumbleweed: ah, thank you for the link.
To-do lists are for deferral. The more things you write down the later they're done... until you have 100s of lists of things you don't do.

File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github