vb.org Archive
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   iframe injected into all templates (https://vborg.vbsupport.ru/showthread.php?t=301892)

dawges 09-04-2013 10:53 PM
Quote:
Originally Posted by snakes1100 (Post 2443309)
I wasnt suggesting files, i suggested in your db.
I found a table called "settings" in my database that contained only one entry. The iframe. Should i delete the entire table?

ozzy47 09-04-2013 11:01 PM
I dunno if I would delete it, maybe rename it to x_settings to make sure it is not supposed to be used by a mod or something. Then check your site and see if the iframe is still in the footer.

dawges 09-04-2013 11:06 PM
Quote:
Originally Posted by ozzy47 (Post 2443320)
I dunno if I would delete it, maybe rename it to x_settings to make sure it is not supposed to be used by a mod or something. Then check your site and see if the iframe is still in the footer.
Oops, i didnt mean delete the table just the entry. I did that but the iframe remains. There are no more database entries with this hack that i can see.

snakes1100 09-04-2013 11:06 PM
vb4 uses setting, not settings, if the only entry in that table is the iframe, id nuke it after backing it up.

But he has to be calling that table & setting, you may have more to inspect than just that.

dawges 09-04-2013 11:11 PM
Quote:
Originally Posted by snakes1100 (Post 2443323)
vb4 uses setting, not settings, if the only entry in that table is the iframe, id nuke it after backing it up.

But he has to be calling that table & setting, you may have more to inspect than just that.
Just found it again in the "datastore" table. however its full of other settings. not sure how to remove it from there.

snakes1100 09-04-2013 11:12 PM
Try this https://vborg.vbsupport.ru/showthread.php?t=265866

Backup your db first.

Manually editing your datastore can be tricky.

dawges 09-04-2013 11:24 PM
Quote:
Originally Posted by snakes1100 (Post 2443327)
Try this https://vborg.vbsupport.ru/showthread.php?t=265866

Backup your db first.

Manually editing your datastore can be tricky.
I saw this addon many times but ignored it lol. what a dummy. I just installed it and ran it through scheduled tasks and it removed the iframe.

Thanks!

I still have no idea how I was hacked but apparently they couldn't do much. they didnt even edit my config file.

I changed all passwords
Installed admin panel firewall
and ran the hack fix

that seems to have done the trick.

snakes1100 09-04-2013 11:26 PM
Welcome

ozzy47 09-04-2013 11:28 PM
Glad to hear it is gone for now, hopefully it won't come back. Maybe they got one of the admin passwords or something, or it could have come from one of your mods, make sure hey are all up to date.

--------------- Added [DATE]1378344772[/DATE] at [TIME]1378344772[/TIME] ---------------

I would also recommend installing this mod, https://vborg.vbsupport.ru/showthrea...ght=vbsecurity

dawges 09-04-2013 11:40 PM
Quote:
Originally Posted by ozzy47 (Post 2443336)
Glad to hear it is gone for now, hopefully it won't come back. Maybe they got one of the admin passwords or something, or it could have come from one of your mods, make sure hey are all up to date.

--------------- Added [DATE]1378344772[/DATE] at [TIME]1378344772[/TIME] ---------------

I would also recommend installing this mod, https://vborg.vbsupport.ru/showthrea...ght=vbsecurity
This is very troubling. I just dont see how they got in. However, if you do a search on those hackers nicknames on Google you will see other admin suffering the same fate today. I hope they find this thread.

--------------- Added [DATE]1378345346[/DATE] at [TIME]1378345346[/TIME] ---------------


All times are GMT. The time now is 07:51 AM.
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01768 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete