vb.org Archive
Page 4 of 4 « First 23 4
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Site hacked by Myanmar Muslim Cyber Force (https://vborg.vbsupport.ru/showthread.php?t=302092)

sr20de_99 09-15-2013 03:00 PM
Quick question, I've turned my forums off in the AdminCP while I've been cleaning up after the hack. However when I go to my site I can see that there are several guests who appear to be accessing various parts of my forums. But when I try to access my site as a guest, I receive the message that the forums are off line, and I can't access anything. Has anyone else notice this?

ozzy47 09-15-2013 03:05 PM
They should have he little lock icon next to their usernames, if they are attempting to view the site while it is closed.

Paul M 09-15-2013 03:19 PM
Quote:
Originally Posted by teamemmenracing (Post 2445163)
and from nowhere this file appears .....

zdberrb4476bf0aed19d1e05964d0757f51.dat

it doesn't look legit, I managed to open it up and the only contents were a number .....

13790115241146
That is a legitimate file.

It created when you have a database error - to track the time and error code (1379011524,1146). This is used to limit the number of database fail e-mails sent.

tnedator 09-15-2013 05:41 PM
Quote:
Originally Posted by pityocamptes (Post 2445698)
I would get a hold of a clean version of you entire root download it to your desktop, along with the corrupted files (entire root files) and compare the corrupted version to the clean version you have before the hack...
Can you recommend a good Windows compare tool that would compare all the files in both forum root directories and highllight the differences?

pityocamptes 09-16-2013 03:38 AM
Quote:
Originally Posted by tnedator (Post 2445824)
Can you recommend a good Windows compare tool that would compare all the files in both forum root directories and highllight the differences?
I've used winmerge before, its pretty good...

http://alternativeto.net/software/me...atform=windows

Phat Phreddy 09-16-2013 09:43 AM
Has anyone recovered from this without reverting to an earlier database ??

I have securi saying all files are clean.. I have the install folder gone.. Of course removed the admins and stuff.. But I am still being taken out..

pityocamptes 09-16-2013 02:31 PM
Quote:
Originally Posted by Phat Phreddy (Post 2445935)
Has anyone recovered from this without reverting to an earlier database ??

I have securi saying all files are clean.. I have the install folder gone.. Of course removed the admins and stuff.. But I am still being taken out..
I would compare the db and files (corrupted) to a known clean set before hack. At least you could determine what files are modified, which you could eliminate...

Spangle 09-17-2013 07:44 AM
If you are running a portal check the index.php file, when mine was hacked this was re written.

In fact you need to check the index.php file anyway.

also look for any txt files in the root, I found a couple, also look for a file called mail.php, this was re-writing the index.php file even after I'd uploaded a clean version

SupportAM 10-04-2013 05:25 PM
how do you check the logs? I upgraded to 4.2.1 and it is through cms

--------------- Added [DATE]1380912104[/DATE] at [TIME]1380912104[/TIME] ---------------

Okay I got it ! They messed up the forum home template. I replace with the older style.


All times are GMT. The time now is 02:19 PM.
Page 4 of 4 « First 23 4
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01049 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (9)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete