Ok my website has been hacked and it seems the hackers have done some sort of trickery and now it just displays some "game over" page my site is still there in FTP and the database is fine there were some php files in the ftp like e.php and soem other stuff something called zend.php which was supposed to decrypt a vbulletin config file but that would have been no use becuse my database is only acessible from my ip and localhost

How can i fix this stupid game over page?

Clean up your filesystem to remove any rogue scripts.
Overwrite your files with a clean copy of vB.
Check your templates and phrases for insertions.

Im checking through all my logs at th emoment trying to work out actually whats been done to see if a full re-install will be nesecarry

I still cant understand why anyone would want to hack me site i mean we had about 200 members and havent done any advertising really except the link in my signature

--------------- Added 1250084298 at 1250084298 ---------------

Only localhost has ever connected to the databse and none of the word "hacked" isnt in the databse or "hack" so its not a template as far as i know

do u access to the server???
i can help check your pm and reply back

do u access to the server???
i can help check your pm and reply backJust a warning to those who think they can offer their services by sending our PM's to random members who are looking for help with a problem, other then as a result of a Paid Request, is considered advertising and spamming.

^sorry about it

Im checking through all my logs at th emoment trying to work out actually whats been done to see if a full re-install will be nesecarry

I still cant understand why anyone would want to hack me site i mean we had about 200 members and havent done any advertising really except the link in my signature

--------------- Added 1250084298 at 1250084298 ---------------

Only localhost has ever connected to the databse and none of the word "hacked" isnt in the databse or "hack" so its not a template as far as i know

Hackers may have targeted because you were vulnerable to many reasons such as you could have been using an older version of vBulletin or some Hack for vBulletin that is out dated with a security whole causing them to target you.

"wlhaan" Is a Saudi Arabia Hacking Team/Group.

Are you on Shared Hosting, a VPS, or a Dedicated Server?

If you're on shared hosting then you ought to be thinking about a move.
I had my second installation of vBulletin, as allowed for testing, installed on my personal website under closed conditions. It was password protected and not open to the public.

Twice it got hacked and my host accepted responsibility, saying several sites got hacked.
I moved to another host after the second attack.

Our site is forever targeted by script kiddie groups etc etc as it attracts their attention.

These are steps that can help you identify the issue.


Reupload you vBulletin files
Reupload your style
Disable your plugin and hooks
Check your .htaccess
Check the replacement variable manager
Ensure that it is not some rough html in a notice or announcement.

everytime you complete a step check to see if the problem persists

I can almost surely bet that you have an index.html page in your root directory :) Try removing it, and your forum will be back

It's a common "trick" used by defacers, since most apache installations have a sequence of what pages to serve if you just go to www.yourwebsite.com and most of the time index.html is the first in line, and index.php comes after it

someone said it could have been a shoutbox i had Inferno Lite installed :s i really like dthat chatbox :(

see the proper way is to contact the host server , tell me if there are any vunerablities in their hosting and check

most hackers see to the hosting vunerablities and then make use of it to hack forums or they use unofficial mods , by bad users to install stuff

you are using a genuine copy like us , so just talk to them and see if they have vunerablities or not
AND EVEN STAFF CAN BE-TRAY YOu remember!!!