How to stop this hacker?
 

I have had a problem with this hacker for a few weeks now. He says he is using a program called "Judgement Day." He is hacking into member accounts and posting with them. I think he is having their passwords reset and the emails are being sent to him.

Also, this guy was a long time member of my forum and was actually a very polite and friendly guy until a few weeks ago. I banned his IP because he posted a lot of offensive things then this is when he started hacking accounts.

I really need help getting rid of this guy.

--------------- Added [DATE]1242124959[/DATE] at [TIME]1242124959[/TIME] ---------------

He also said he was using javascript to get passwords.

do you run the latest version of vbuletin and what hacks do you have installed?

I just upgraded to the latest version of vb. I have a lot of mods installed. I am not sure if any those are the problem but I am willing to do anything to get rid of this pest.

Heres a list of all the products I have. Is there anything in there that could be causing the problem? I don't have all this mods going at once. I only have maybe 10 of them enabled.

vBulletin 3.8.2
Add Banner 1.7 Add banner on each forum.

Advanced Time And Date 1.0 Look At Title - By EnIgMa1234

ajaxReg 4.0.0 This is an ajax registration system that displays reasons why registration elements are not properly filled in.

Archive Adsense 1.0 Adds Adsense banners to the top and bottom of your archive pages.

Automatic Embedded Video 1.0 Automatically replaces any URLs which reference youtube, etc with and embedded player

Cback CrackerTracker 1.0.2 Securesystem

CES Dynamic [IMG] Resize 1.2.1 Dynamically resizes an oversized [IMG] to preset dimensions.

Chief First Post - Every Page 1.0.1 Chief First Post - Every Page

Cyb - Advanced Forum Statistics 5.7 Cyb - Advanced Forum Statistics

Cyb - Advanced Permissions Based on Post Count 4.2 Cyb - Advanced Permissions Based on Post Count

Cyb - Attention Zero-Posters 1.4 Cyb - Attention Zero-Posters

Cyb - Auto Reply 1.0 Cyb - Auto Reply

Cyb - ChatBox 2.3 Cyb - ChatBox

Cyb - Last Post Info Enhancements 1.1 Cyb - Last Post Info Enhancements

Cyb - PayPal Donate 4.4 Cyb - PayPal Donate

Cyb - PM System Enhancements 1.4 Cyb - PM System Enhancements

DCSEO Linkbacks 1.3

diggTopic 1.08 Lets the thread owner enter the digg url for the thread.

Display Unread Posts and Reputation Comments 1.25 Display the number of posts you have marked as unread and the number of new (unread) reputation comments.

Enhanced Captcha Image Verification 1.11 An image based verification system to prevent bots signing up to your forum

Forum Archive List Footer 0.0.1

Forum Statistics 1.07 Forum Stats

GTFooter Info Panel 1.0.1 Add an information panel to bottom of your pages.

GTSmiliebox - Move Smilies Below Editor 1.1.0 Move smiliebox below editor. Brought to you by http://mygtblog.org

GTUserCP - Enhanced USERCP Interface + USERCP Menu 1.1.1 Enhances UserCP interface. Brought to you by http://mygtblog.org

ibProArcade for vBulletin 2.6.5 ibProArcade - professional Arcade System for vBulletin

IpInfo 1.4 IpInfo is a replacement standard view users Post ip

KC-Favicon 1.2 Favicon Kiril Cvetkov

Latest Threads IN Marquee 1.0.1 By Developer

Latest X Threads on Forum Home 1.1 This hack will show the latest threads on your forum home page

Limited Guest Viewing 1.0.6 Limit guests to view a set number of threads before being locked out.

Member Info Latest Threads 1.1.0

most popular forum home 1.01

My Best Threads 1.2.7 By Developer

nCode OpenSearch 1.1 nCode OpenSearch adds an OpenSearch capabilities to your vBulletin board

New Post Alert In Showthread 1.0.2 Signifies new posts in showthread

Next/Previous Thread Title Replacement 2.1 Replace the "Next Thread" and "Previous Thread" links with thread titles.

Nick's Forum Home Announcment 1.5 Adds a forum an annoucment to forum home.

NoSpam! 3.0 NoSpam! allows you to specify a set of questions which members are required to answer correctly at registration, eliminating the ability of spam bots to register at your forums and post unwanted messages.

PM QuickReply 1.0.0 Beta shows quick reply box on show private message page

Quick Register 1.6.2 A way for guests to quickly register on any page.

Quick Reply Add On. 3.6.x Add On Editor Tools for Quickreply.

Quick Thread In Forumdisplay 1.0.0 Add the ability for users to make a new thread via forumdisplay.

Search For Unanswered Threads By Forum 1.1.0 This will enable you to search for unanswered threads, just in the forum you are currently browsing.

Smilies in Quickreply 3.6.x Show Smilies in Quickreply.

Split Useronline 1.0.3 This Hack splits the User who are online in FORUMHOME (Members/Team)

Title Replace 1.1 Replace Link With Page Title

Top 'X' Stats by InfiniteWebby 1.2.1a Display top 'X' posters, new members and latest replies on the forumhome.

vbBannerRotator by Frapegliko 1.1.0 Banner Rotator by politicsgr.com

vBCredits 1.3 An integrated points system by Darkwaltz4 [blackwaltz4@msn.com] that enables users to gain credits many different ways and can be utilized by third party applications. Contact for information on paypal and subscription addons, or branding removal.

vBE Evolution Style 1.1 vBE Steel Style Features

vbPhotoVote 1.5.0 Photo Voting System

vBSEO :: Sitemap Generator 1.6.1 Generate a Google & Yahoo Sitemap for your Forums

View threads started on postbit 1.0.1 You can add a little line (under number of posts) which shows the number of threads the poster have made.

vS-Hide Hack Resurrection (Expanded Edition) 2.8.1 Created By VisionScripts (www.visionscripts.com)

vS-Interactive Profiles 2.3.8 Created By VisionScripts (www.visionscripts.com)

ZH - % Of Forum Posts 1.0.6 Shows the % number of forum posts a member has posted.

ZH - Page Execution Time 1.0.0 Shows the page execution time on the bottom of every page.

ZH - Sticky Thread Mark-Up 1.0.2 Choose the display color for sticky threads

ZH - X This Thread 1.0.3 This adds digg,delicios,stumble icons to posts.

Zoints SEO 2.2.2 The Zoints Search Engine Optimization Package

Zoints Thread Tags 1.2.1 The Zoints thread tagging system

[AJAX] Alp Pro 1.6.0 Alp Pro

[APM] Advanced Product Management 3.0.4 Advanced tool to manage product, add/edit/delete product's components.

[NuHIT] - NuHIT URLs 1.0.0 NuHIT URLs

[Sniper] - Profile Field Tags 1.5.2 It turns user field values into links, so its easier to finds users with similar interests...

For first, you have to upload to your server into Install folder the correct files:
init.php and tools.php
Then login to tools.php and reset your admin access

what has this got to do with anything here?

he says other user accounts are being hacked not his.

ahh ok I thought he means to himself

ok, first thing: WAY TOO MUCH hacks on your forum... you know nothing about them and their interference with your site, so drop all of that... you want way too much things for your forum, so you give easy access to security breaches.,

then it's impossible to have passwords via a javascript, the guy is just there to make you panic. he simply have access to your adminCP and you are not aware of this. he can even have access to your database and you would see nothing of it.

the best for you is to have a guy from JElsoft securing your installation... ask for support on vbulletin.com ...

change your FTP and Cpanel passwords, also change your database password via your Cpanel and config.php.

As nexy suggests WAY to many hacks, if you only use 10 at a time, why not uninstall reinstall as you desire?

Are these accounts active accounts or inactive accounts?

Also double check that you are the only super admin in the config.php and via the admincp

Add 256 Bit Protection From Your Hosting Services..
It's A Payment Service...u Will Pay About 70 Dollars Per Year..

Note That Then Ur 100% Protected:)
Thats All
Then U Can Install All What U Want..

This is almost a year old thread.... !

Thats one of the most useless posts I've ever seen in this forum - SSL doesn't protect you from Exploits, leaked Passwords or human stupidity.

Please do NOT spread such false information here. How the hell is adding 256-Bit protection going to stop hackers??

Please think before posting if you actually know what you are talking about.

Too much modifications..check with that.

You can have as many mods as you want! I have over 25 mods on my forum!

But, to protect your files and database from this pest, all you need to create a .htacces file and a .htpasswd in the "ADMIN directory on your server! This will create another password for anyone to access the entire directory. Do the same for your "INCLUDES" directory and "INSTALL" directory. I had the same problem you did and this completely closes all back doors and prevents anyone accessing your shit!

Make sure you use a different username and password than the ones you use to access the admin control panel via the forums. Also encrypt the password with the link below.

Instruction are here:
http://www.phpfusion-mods.net/articl...?article_id=23

Password generator here:
http://www.htaccesstools.com/htpasswd-generator/

It will take some time for you to create these files and make them work properly by using the full path - AuthUserFile /full/path/to/.htpasswd

Once you get it all working correctly a window pops up asking you to enter the username and password when accessing these directories. No one will be able to do any changes accept for you and who ever has the htaccess username and password.

Good luck!

If you password protect your includes directory won't that stop everyone from being able to view the site? Many functions make calls to the includes directory, no?

Nope, have been doing it since last year, no problem. Includes folder is mostly admin functions. Also this site vb.org and VB's other site do the same!

It stops HTTP access from viewing the directory, not PHP from including the files and running them.

That sounds correct.....:)

Well that doesn't sound like it would do much to stop hackers then- if they can't browse the directory due to the presence of an index file or server config how would adding a password to the includes directory help if files can still be accessed via php?

Do some research on .htaccess files, does in fact stop anyone from writing, accessing, etc., that is not authorized through htaccess files. No way to get to the directories that have these files, not even the spiders or crawlers because they are completely protected from htaccess... period. Unless someone has your server or FTP client password and can bypass them by deleting them or altering them. Other than that it is almost impossible since the htacces file catches them with a password requirement while surfing to those directories.