View Full Version : style hacking


3ashek
12-26-2008, 10:54 AM
hello

I have a big problem with the vbulletin forums

I have a webhosting and I found every day about 5-6 forums have been hacked.

the hacking is coming through the style for the forum. They just change the forumhome template.

but I found this problem every day on all the vbulletin versions from 3.6.x to 3.8.0

please help me to find a solution for this .

Marco van Herwaarden
12-26-2008, 11:35 AM
Can you post URL to such boards?

Are they all on the same server?

3ashek
12-26-2008, 11:37 AM
this is one of them

2movies.net

this forum has been hacked 3 times on 2 days

and not all the forums on the same server

Marco van Herwaarden
12-26-2008, 11:57 AM
Would have more expected them to be on 1 server. If multiple boards, running different versions are being hacked, then you must look for the common factors.

It is unlikely that they are hacked thru core vB. More likely is direct database access or shell access on the server.

pnosko31
12-26-2008, 12:00 PM
are you using the same username and pass for all servers?

3ashek
12-26-2008, 02:17 PM
I did everything to make this server secure and also I'm not using the SAME data on every forum

the last thing I want to explain is that no changes happened to the files for this forum.

also the hacker didn't use an account on the board to make his hack, as if he could hack the database or anything else he could have deleted anything from it

all I do here is restore the forumhome template for the style as it was before,

please tell me if there is something I can do to stop these hackers..

wait for reply

Marco van Herwaarden
12-26-2008, 02:25 PM
Well something is able to make changes to the templates table in the database. This is either done by direct access to the database (why delete info if you want to redirect to a spam site?), or by an installed modification that is vulnerable to SQL-injections.

3ashek
12-26-2008, 08:55 PM
Now after 7 hours of typing this thread at this moment 8 forums have been hacked the same way.

however I have reuploaded the forum files again and made a firewall on the admincp and put a new style,

please tell me what is the problem there

Dismounted
12-27-2008, 03:13 AM
Well something is able to make changes to the templates table in the database. This is either done by direct access to the database (why delete info if you want to redirect to a spam site?), or by an installed modification that is vulnerable to SQL-injections.
...

Golzarion
12-27-2008, 05:04 PM
Why don't you take a look at the server log? (raw access log)

You can see how they act exactly...

Do you use a shared server?

And did you change the database password after being hacked?

Change the database password and re-edit config.php; you can also test this plugin: https://vborg.vbsupport.ru/showthread.php?p=1687304#post1687304
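
A sketch of the raw access log review suggested in the thread, as an added example that is not code from any poster or from vBulletin: it flags requests with SQL keywords in the URL (the vulnerable-modification case) and template edits posted to the admin panel from addresses that are not known administrators. The log lines, IP addresses and the name example_mod.php are constructed, and the admincp/template.php path is an assumption about where vBulletin 3.x edits templates.

```python
import re
from urllib.parse import unquote_plus

# Combined Log Format: ip - user [time] "METHOD path PROTO" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Heuristic only: SQL keywords and comment markers that do not belong in a forum URL.
SQLI_RE = re.compile(
    r"\bunion\b.{0,40}\bselect\b|\bupdate\b.{0,40}\bset\b|\binsert\b.{0,20}\binto\b|/\*|--\s",
    re.IGNORECASE,
)

# Assumption: templates are edited through admincp/template.php in vBulletin 3.x.
ADMIN_TEMPLATE_RE = re.compile(r"/admincp/template\.php", re.IGNORECASE)

def review_access_log(lines, admin_ips=()):
    """Return (reason, ip, time, path) tuples for requests worth a closer look."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = unquote_plus(m["path"])  # decode %20 and + before matching
        if SQLI_RE.search(path):
            findings.append(("sql-keywords-in-url", m["ip"], m["time"], path))
        elif (m["method"] == "POST" and ADMIN_TEMPLATE_RE.search(path)
              and m["ip"] not in admin_ips):
            findings.append(("template-edit-from-unknown-ip", m["ip"], m["time"], path))
    return findings

# Constructed sample lines (documentation IP ranges, hypothetical modification name).
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Dec/2008:10:01:12 +0000] "GET /forum/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [26/Dec/2008:10:40:03 +0000] "GET /forum/example_mod.php?id=1%20UNION%20SELECT%201,2 HTTP/1.1" 200 812 "-" "-"',
    '203.0.113.5 - - [26/Dec/2008:10:52:44 +0000] "POST /forum/admincp/template.php HTTP/1.1" 200 2300 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [26/Dec/2008:11:02:00 +0000] "POST /forum/admincp/template.php HTTP/1.1" 200 2300 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in review_access_log(SAMPLE_LOG, admin_ips={"192.0.2.10"}):
        print(finding)
```

If the log shows neither pattern around the time the forumhome template changed, that points toward the other cause named in the thread: direct database access with the credentials stored in config.php.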