vb.org Archive
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   My Site Hacked Redirected?! Got Damn! (https://vborg.vbsupport.ru/showthread.php?t=125725)

Chicago_VLNU_4s 09-03-2006 08:04 PM
My Site Hacked Redirected?! Got Damn!
 
....... www.offthaave.com/forums OTA 4 DAYZZ! We still runnin strong on you lames!

Kirk Y 09-03-2006 08:10 PM
They may have added a Meta Redirect, check your headinclude template I believe.

Paul M 09-03-2006 08:15 PM
Do you have the topXstats mod installed ?

Chicago_VLNU_4s 09-03-2006 08:15 PM
i'm new to all this so please be as exact as you can acid. Walk me thru to what i would have to look for.

Thanks 4 the quick reply

Chicago_VLNU_4s 09-03-2006 08:16 PM
yes @ Paul M.. i was just reading your other post a few threads down. I dont get it though, yes i have it, but what do i do now?

Kirk Y 09-03-2006 08:17 PM
Paul is probably right on this one, I know a lot of people have been recently getting this problem as they've installed Top X Stats or Cyb Top Poster.

Download the latest version whichever you have; they should be patched.

Paul M 09-03-2006 08:18 PM
Actually, it looks like your index.php file may have been replaced, upload the original vbulletin index.php from your zip file.

Chicago_VLNU_4s 09-03-2006 08:31 PM
Nope @ Paul M. restored original index.php and it still re-directs!!!!!! what now??

Smoothie 09-03-2006 08:36 PM
Check to see if there is a .htaccess file on your server.

Paul M 09-03-2006 08:41 PM
Try disabling all your plugins by adding this line to your config.php

define('DISABLE_HOOKS', true)

Kirk Y 09-03-2006 08:47 PM
Quote:
Originally Posted by Smoothie
Check to see if there is a .htaccess file on your server.
Check to see if a redirect has been added to your .htaccess file; most people already have one on their server.

Chicago_VLNU_4s 09-03-2006 08:52 PM
Quote:
Originally Posted by Smoothie
Check to see if there is a .htaccess file on your server.
yeh, i have the myspace profiles up and the .htaccess is in the forums root. But i just tried deleting that and no good.. Paul M, i'll try disabling the hooks like you said and see what happens

*************************************

well do i have to put
Quote:
define('DISABLE_HOOKS' true)
in a certain place? cuz i put it below the first two boxes and nothing.... still re-directs to that lame @$$ site. WHat's next?

and for the .htaccess file on my forum root, this is the only thing in it

Quote:
RewriteEngine On
RewriteRule ^$ index.php
RewriteRule (^[-_A-Za-z0-9\ ]*$) member.php?&username=$1

Paul M 09-03-2006 09:02 PM
Sorry, there is nothing else I can tell you, it looks like you will need to give someone access to your site to investigate where the redirect is coming from.

Chicago_VLNU_4s 09-03-2006 09:11 PM
ok, well who do i give access to the site because you can't even login thru admin cp? should i try to alert my host administrator or what?

Paul M 09-03-2006 09:14 PM
anyone that ;

1. You trust.
2. Knows what they are doing with respect to vbulletin.

Smoothie 09-03-2006 09:16 PM
No, check to see if you have a .htaccess file in your public_html directory not forums directory.

Paul M 09-03-2006 09:20 PM
You can get to his acp login page up okay, so I don't think it's an htaccess file anywhere.

Chicago_VLNU_4s 09-03-2006 09:25 PM
well.. i just filled out a support ticket @ vbulletin.com .. but i mean, if i can't log on thru admin cp, what good will it do giving some1 out my info like that?

Wild-Wing 09-03-2006 10:00 PM
read this post https://vborg.vbsupport.ru/showpost....69&postcount=6

Al-Fateh 09-03-2006 10:57 PM
question to Paul

what does the Top X Poster do to the site?

Shazz 09-03-2006 11:01 PM
Quote:
Originally Posted by Al-Fateh
question to Paul

what does the Top X Poster do to the site?
Well if paul dosen't answer you can find more description of it here

https://vborg.vbsupport.ru/showthrea...&highlight=top

Al-Fateh 09-03-2006 11:08 PM
i have one similar to that on my site by Cyb

it works just fine with no problems at all, i had it for months now

but this site hack thing got me scared LOL

Wild-Wing 09-03-2006 11:51 PM
yea its happened twice to the forum i admin and code for. so i divised my own fix that the vbull developers think is stupid

Odoin 09-03-2006 11:54 PM
What was your fix Wild-Wing?

Wild-Wing 09-03-2006 11:54 PM
go up to post # 19 and click that link its the best solution i think

Chicago_VLNU_4s 09-04-2006 12:14 AM
well, i think i MIGHT know what its coming from. Lets say if you had illegal content on your site (music downloads) and a company sent you a e-mail twice, but you didn't end up checkin your mail till the day your site is down, could they tell your domain to foward your site to another one? I'm willin to work with this buisness cuz they said they would let me take down the music, but how the f*ck am i goin to do it if i can't get on. So i e-mailed these jackasses back askin them what they did and they need to put my site back cuz i can't do anything if i can't even get into the admin cp.

On top of that, these @$$holes coulda had it re-direct to there own site, but they have it sent to another forum.... b*tches

puertoblack2003 09-04-2006 12:25 AM
Quote:
Originally Posted by Chicago_VLNU_4s
well, i think i MIGHT know what its coming from. Lets say if you had illegal content on your site (music downloads) and a company sent you a e-mail twice, but you didn't end up checkin your mail till the day your site is down, could they tell your domain to foward your site to another one? I'm willin to work with this buisness cuz they said they would let me take down the music, but how the f*ck am i goin to do it if i can get on. So i e-mailed these jackasses back askin them what they did and they need to put my site back cuz i can't do anything if i can't even get into the admin cp.

On top of that, these @$$holes coulda had it re-direct to there own site, but they have it sent to another forum.... b*tches
listen i had the same problem go to your admin cp disable your forum. Go to the last reg user delete that because that will be the hacker that registered and then disable all plugins from there go to the thread that the script was injected then then delete the post and take it from there and install new patch for topxstat that's where the problem with me was.And turn plugin back on and you will be ok

Ntfu2 09-04-2006 12:28 AM
check all your forum postings.

You probably got hit with a meta refresh in a thread title.

if you need help let me know

Paul M 09-04-2006 12:33 AM
Quote:
Originally Posted by Al-Fateh
i have one similar to that on my site by Cyb

it works just fine with no problems at all, i had it for months now

but this site hack thing got me scared LOL
The mod by cybernetic had a security hole in it until last week when he updated it.

Ntfu2 09-04-2006 12:35 AM
That'll do it to :darnkids:

Chicago_VLNU_4s 09-04-2006 12:38 AM
lol you guys are skipping the important part, i CANT access admin cp. I can get into the log in screen but when i log in, it goes to that stupid ass site. And you can access my homepage via www.offthaave.com but you can't access the forums without it re-directing!

puertoblack2003 09-04-2006 12:45 AM
Quote:
Originally Posted by Chicago_VLNU_4s
lol you guys are skipping the important part, i CANT access admin cp. I can get into the log in screen but when i log in, it goes to that stupid ass site. And you can access my homepage via www.offthaave.com but you can't access the forums without it re-directing!
i saw that one of the user say to replace the index.php now in admincp it also has a index.php try to replace it and try again

also go to the topXstat.php and change the extension to wat ever.

Chicago_VLNU_4s 09-04-2006 01:04 AM
^^ well i replaced the index.php in the admin cp and no go.... and i can't find the directory where topXstats.php goes.. help?

Wild-Wing 09-04-2006 01:06 AM
Quote:
Originally Posted by Chicago_VLNU_4s
well, i think i MIGHT know what its coming from. Lets say if you had illegal content on your site (music downloads) and a company sent you a e-mail twice, but you didn't end up checkin your mail till the day your site is down, could they tell your domain to foward your site to another one? I'm willin to work with this buisness cuz they said they would let me take down the music, but how the f*ck am i goin to do it if i can't get on. So i e-mailed these jackasses back askin them what they did and they need to put my site back cuz i can't do anything if i can't even get into the admin cp.

On top of that, these @$$holes coulda had it re-direct to there own site, but they have it sent to another forum.... b*tches
heres what you do go to your site ie http://www.yoursite.com/forum/usercp.php then go to new posts and delete the thread

puertoblack2003 09-04-2006 01:06 AM
Quote:
Originally Posted by Chicago_VLNU_4s
^^ well i replaced the index.php in the admin cp and no go.... and i can't find the directory where topXstats.php goes.. help?
man ok the topXstst should be in your forum directory that if you have it installed

Wild-Wing 09-04-2006 01:14 AM
most likely the root directory of the forums

Quote:
Originally Posted by Chicago_VLNU_4s
lol you guys are skipping the important part, i CANT access admin cp. I can get into the log in screen but when i log in, it goes to that stupid ass site. And you can access my homepage via www.offthaave.com but you can't access the forums without it re-directing!
get phpmyadmin and look in your templates table and search for the header include template delete the meta redirection in it

Ntfu2 09-04-2006 01:35 AM
its either a meta redirect, or a .htaccess which will be in the web root

Wild-Wing 09-04-2006 01:39 AM
well if it was a .htaccess redirect the whole site would redirect

Chicago_VLNU_4s 09-04-2006 03:10 AM
well still can't get on. Butters is trying to help me.. but unfortunately, my site is still redirected hacked :(

peterska2 09-04-2006 03:11 AM
I've just tried and can get to your admincp just fine.

Go directly to the URL for your admincp NOT to your forums first.


All times are GMT. The time now is 03:28 AM.
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01449 seconds
  • Memory Usage 1,817KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (11)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (40)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete