Hi

Recently my vbulletin was hacked.
The hacker encoded his code in all template files and also changed admin password.

Admin area login page after deleting encoded hackers code from templates is displaying blank page.

I uploaded default style using tools.php but site is not opening.

I believe I need to set it a new default style through phpmyadmin as I cannot access admin area of vbulletin.

So I need to know 2 things:

1 - How can we upload styles using phpmyadmin
2 - How to set any existing style or the default vbulletin style as default/main working style through phpmyadmin.

I believe doing this might help to access admin area.

Thanks
Skyjet

You don't have a backup of your db before the hacker got in?

No..I know that is my mistake.. I have learnt a lesson

But when you access your admincp...the forums chosen default skin doesn't show up there.

It gives you just a login box. O_o

http://www.site.com/forum/admincp/ is there.. But when I click submit it takes to blank page..

Also http://www.site.com/forum/ shows blank page

I believe I need to set default skin to make them visible as hacker messed with the themes.

This is why I want to know how to set default skin through phpmyadmin.

I don't think that's you're problem, why don't you just re-upload your forum files ?

or at least start by uploading a fresh /admincp/ folder, that should get your ACP issue fixed at least, & from there you'll see what your problem really is.

I don't think that's you're problem, why don't you just re-upload your forum files ?

or at least start by uploading a fresh /admincp/ folder, that should get your ACP issue fixed at least, & from there you'll see what your problem really is.

Already uploaded admincp.. It didn't worked.. BTW hacker was unable to modify vbullein files..he only made changes in database..ie in vbulletin styles..

Already uploaded admincp.. It didn't worked.. BTW hacker was unable to modify vbullein files..he only made changes in database..ie in vbulletin styles..
Hi,
I faced this kind of hacking once , try to correct or re-install the default skin.

I hope it can help you
good luck

Hi,
I faced this kind of hacking once , try to correct or re-install the default skin.

I hope it can help you
good luck

Lol he's asking how to do it!

Have you checked your db for unwanted tables and other things?

Well mate if he had access to your database I'm sure he did more than changing your style.

I dunno but if it was me I'll try a million thing til you get it right, at least you should know whats wrong then find a solution.

try changing the admincp name to something else, like admincppp then try to access it, don't forget to change the name in your config.php

and can you reach any other page on your site? like showthread.php?19... or search.php

is it the index / admincp pages only or the whole site.

if the above didn't work I think your best option is to check your Database and see if it's messed up (try ask you host if they have a backup, most hosting co's does a backup weekly for users)

No other changes I have yet found in database..

Asked your host if they have a backup?

what's your VB version ?

can you post your site url ?

Asked your host if they have a backup?
No they don't have backup

No one knows how to set default style through phpmyadmin?

Sounds impossible imo.

you could look at the adminlog table or the templatehistory table and see if there are any clues in there

No one knows how to set default style through phpmyadmin?

In the "User" table change styleid to the id of whatever style you want for your userid, for me my default style is 1, 0 is for people who never picked a style... some other valid numbers for me are 8, 17, and 20 so I don't know the logic used to assign a style ID, I don't remember ever having 20 unique styles but who knows... if you pick an invalid number it will just attempt to show a default skin. I think the default is always 1.

You can check your valid style ids by browsing the style table.

You could download the vb 3.x whatever, and upload the tools folder and use the tools to fix your database.

In the "User" table change styleid to the id of whatever style you want for your userid, for me my default style is 1, 0 is for people who never picked a style... some other valid numbers for me are 8, 17, and 20 so I don't know the logic used to assign a style ID, I don't remember ever having 20 unique styles but who knows... if you pick an invalid number it will just attempt to show a default skin. I think the default is always 1.

You can check your valid style ids by browsing the style table.

This also didn't worked. :(

If you haven't already you need to re-upload ALL your vbulletin files as if you were doing a new install... your settings are in the database so you shouldn't lose much, if anything, from replacing the files.

However I am thinking of another way now to fix this.. So please advice me on this:

I have very old mysql database backup for this site ie about 1 year old.

I think I should delete existing(hacked) database and restore that old (backup)database and import the posts, threads and users table etc from existing(hacked) database as they are still as it is there.

So anyone can advice me which tables should be necessary to import from old database?

Is there a reason you can't or don't want to re-upload the files? How are you so sure the hacker was unable to access the files? No harm could come from trying to replace them.

Is there a reason you can't or don't want to re-upload the files? How are you so sure the hacker was unable to access the files? No harm could come from trying to replace them.


I already did but that didn't worked..

So, uploading your files didn't work or you just don't want to? I'm confused, you're kinda contradicting yourself at times ...

I think it's pretty clear he uploaded the files and it didn't work, at least I hope that's what he said.

A year old backup is better than nothing I guess- it's not just posts but a year of new users and PM's and everything else lost... at least you'll be up and running. I don't think there is a practical way of re-importing your posts and users though but it's not something I ever tried.

I think it's pretty clear he uploaded the files and it didn't work, at least I hope that's what he said.

A year old backup is better than nothing I guess- it's not just posts but a year of new users and PM's and everything else lost... at least you'll be up and running. I don't think there is a practical way of re-importing your posts and users though but it's not something I ever tried.

The most imp. think I want is users and posts.. So i just need details on that.. Pms and other things are not that imp..

What I would do is:

1.Export members+posts
2.Delete current database
3. change ftp/cpanel passwords
4. create new database
5. connect to server/ftp
6. delete all files/directories
7. Download vbulletin
8. upload and install vbulletin
9. import old backup
10. import members + posts that you exported from your recent database.

That'll get your site back online.

What mods did you have?

Did you disable hooks? Don't styles use some hooks? Try doing that.