vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Help! Someone hacked my forum (https://vborg.vbsupport.ru/showthread.php?t=152670)

mighty mouse 07-18-2007 10:14 PM
Help! Someone hacked my forum
 
I have the latest version installed and there are no security warnings.

I logged into my site and a big message came up saying my site was hacked.

How did they get in and how do I get rid of it?

http://www.mightysworld.com/forum

Blaine0002 07-18-2007 10:18 PM
um, noone hacked your boards... Another administrator simply changed your header template and added a bunch of stuff.

mighty mouse 07-18-2007 10:25 PM
don't have any other admins but my biz partner, and he would not do that.

How do I undo it?

Blaine0002 07-18-2007 10:30 PM
revert your header template.

mighty mouse 07-18-2007 10:38 PM
I dn't know what you mean. I don't know much about how it works, i just install it and run it from ACP

ShawneyJ 07-18-2007 10:42 PM
can you ask your host to help you out?

Blaine0002 07-18-2007 10:43 PM
Edit the template you are using on your forum, select header, and on the right you should see a button that says revert.

mighty mouse 07-18-2007 10:44 PM
My hosting company? What would they have to do with the vbulletin software? I was going to go to them first, but figured it was a vbulletin issue not a hosting issue. correct me if I am wrong, I really don't know much about this stuff.

Quote:
Originally Posted by Blaine0002 (Post 1295087)
Edit the template you are using on your forum, select header, and on the right you should see a button that says revert.

Thanks.

So, this was done from within the ACP, not from an outside source?

ShawneyJ 07-18-2007 10:48 PM
your forum is ran from your sever host, my host helps me on this kinda stuff.

downtownhost.com rocks.

mighty mouse 07-18-2007 10:52 PM
I tried to revert, it said "nothing to do" there was noting to revert to

ShawneyJ 07-18-2007 10:54 PM
Quote:
Originally Posted by Blaine0002 (Post 1295087)
Edit the template you are using on your forum, select header, and on the right you should see a button that says revert.

so you sure they never got in to his server and up loaded a template over righting the .php?

bobster65 07-18-2007 11:00 PM
Quote:
Originally Posted by jaycob (Post 1295098)
so you sure they never got in to his server and up loaded a template over righting the .php?
Well, you can go to forum/memberlist.php and the same header comes up with some vB stuff towards the bottom of the page, so Blaine is prolly correct in that the header template was changed... not sure how Blaine knows for a fact that it wasn't "hacked" tho lol .. hacking includes obtaining access to a site and defacing it (as in this case)..

Blaine0002 07-18-2007 11:01 PM
My guess is it wasnt hacked becuase if it was truely hacked his vbulletin files would be gone.

ShawneyJ 07-18-2007 11:02 PM
ok no worrys just checking lol cheers.

mighty mouse 07-18-2007 11:04 PM
I have never updated any new templates or styles, I keep it simple.

So, I tried to revert all templates, to make sure the bad one got reverted. It reported again "nothing to do". So it is not showing an "updated" or "altered" template.

bobster65 07-18-2007 11:04 PM
Quote:
Originally Posted by Blaine0002 (Post 1295106)
My guess is it wasnt hacked becuase if it was truely hacked his vbulletin files would be gone.
eh.. novis hackers with nothing better to do.. I used to see this daily when I worked at an ISP lol ..

I guess someone could send him a default header template to get him back online at least :D

ShawneyJ 07-18-2007 11:09 PM
Quote:
Originally Posted by bobster65 (Post 1295111)
eh.. novis hackers with nothing better to do.. I used to see this daily when I worked at an ISP lol ..

I guess someone could send him a default header template to get him back online at least :D
yes its bullshit, once they have all the tools to do it there is no stopping them lol.

we got a hacker just a few days ago, he messed with only the gobal.php for some reason,

the host got his ip and tracked his isp as being a russian lol.

all i can do is change the pass every day lol.

mighty mouse 07-18-2007 11:09 PM
Found a post on vbulletin.com about this very hacker

http://www.vbulletin.com/forum/showthread.php?t=237018

but reverting did not work for me, I'll just have to wait for the staff to help me out I guess.

Thanks.

Quote:
Originally Posted by bobster65 (Post 1295111)
eh.. novis hackers with nothing better to do.. I used to see this daily when I worked at an ISP lol ..

I guess someone could send him a default header template to get him back online at least :D

Will the original installation files have a default header in it? I think I have them saved on my pc somewhere.

Blaine0002 07-18-2007 11:16 PM
Its also possible that its someone on his shared hosting using a unix command through a php code.


All times are GMT. The time now is 05:49 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01140 seconds
  • Memory Usage 1,752KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (6)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (19)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete