vb.org Archive


Link14716 08-18-2002 11:30 PM

Hacked again...
 
So now that I was hacked again and files are being destroyed, I need help fixing the problems.

Errors in all global.php's are there, pointing to the same EXACT line...

eval($optionstemp[template]);

HELP!

EDIT EDIT EDIT!

I meant to put this in Support......

g-force2k2 08-18-2002 11:34 PM

Link just run a full clean install again... just redownload files from your vb user cp... sorry to hear about the hacking...

g-force2k2

Link14716 08-18-2002 11:42 PM

Clean install....... goddamnit. This would be my 4th damned clean install in about a month. I am sick of this bull++++. Feel like I should just shut the damned thing down.

Erwin 08-18-2002 11:54 PM

How is your site being hacked?

g-force2k2 08-18-2002 11:56 PM

why don't you just restrict the admin cp so that no user can become an administrator and that no user can access the control panel except you?

g-force2k2

Steve Machol 08-18-2002 11:57 PM

Quote:

Originally posted by Erwin
How is your site being hacked?

That *is* the critical question. If you are being hacked through your server then nothing you do with vB will help stop this.

g-force2k2 08-19-2002 12:05 AM

ic smachol let's hope not...

else it might just mean it's time for a new host...

g-force2k2

Link14716 08-19-2002 12:45 AM

I wouldn't really know how I am being hacked. But you know what? Even though my admin CP is crippled and non-accessible, I used the nifty admin-logs through phpMyAdmin and got the stupid IP address.

But I am wondering if there is any way to fix the problems that the hacker caused......

Link14716 08-19-2002 12:51 AM

Unfortunately, I had left debug on while doing some hacks and of course the hacker took out all of the settings (almost). The setting table is left with 41 rows. While I can fix that, I want to know how to fix the file errors. BTW, I also have the admin log table stored right on my hard drive showing the hacker deleting setting groups and banning me (which I unbanned myself, but I can't do anything with a crippled admin CP) with the dateline and his IP Address.

g-force2k2 08-19-2002 03:03 AM

if the hacker was trying to cripple through the admin cp then he must've just hacked the forums then... if that's the case then just define yourself as the only person able to access admin cp... ;) and restrict the setting.php file... just some ideas of course...

g-force2k2

Steve Machol 08-19-2002 03:07 AM

Quote:

Originally posted by Link14716
Unfortunately, I had left debug on while doing some hacks and of course the hacker took out all of the settings (almost).

That's a security risk as you probably have figured out by now.

Boofo 08-19-2002 03:11 AM

How do you restrict the setting.php file?

Quote:

Originally posted by g-force2k2
if the hacker was trying to cripple through the admin cp then he must've just hacked the forums then... if that's the case then just define yourself as the only person able to access admin cp... ;) and restrict the setting.php file... just some ideas of course...

g-force2k2


NTLDR 08-19-2002 09:21 AM

Quote:

Originally posted by Boofo
How do you restrict the setting.php file?

It's already protected by:

PHP Code:

cpheader(); 

So only admins can use it, you could of course restrict it to a specified userid:

PHP Code:

// Stop here unless the logged-in user is userid 1
if ($bbuserinfo['userid'] != 1) {
    exit;
}

After cpheader(); so that the script exits if you don't have the userid 1.

The safest option though is to put the entire admin directory behind a .htaccess block and use a different username / password combo than you do for your forums.

Link14716 08-19-2002 10:31 AM

Quote:

Originally posted by smachol
That's a security risk as you probably have figured out by now.

I have always known that it was a security risk, I used it mostly to add templates into the global set.

Link14716 08-19-2002 10:42 AM

I can get back my settings, but don't get these errors......

Parse error: parse error, expecting `T_VARIABLE' or `'$'' in /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code on line 1

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Every other page has that on it, with the global.php, and I am wondering if when I get my settings back from the grave if it'll fix......

Dark_Wizard 08-19-2002 10:43 AM

Make sure there is no white space at the end of functions.php after the ?>

Link14716 08-19-2002 11:42 AM

If only it were that easy...

The global.php line:
Code:

eval($optionstemp[template]);

functions.php line 1628:
Code:

    setcookie($name, $value, $expire, $cookiepath, $cookiedomain, $secure);

Dark_Wizard 08-19-2002 11:53 AM

Change this:
Code:

eval($optionstemp[template]);

to this:
Code:

eval($optionstemp['template']);

Link14716 08-19-2002 12:41 PM

Once again..... if only it were that easy.... I tried it and still get the exact same error in all 3 global.php and function.php's

Link14716 08-19-2002 12:52 PM

BTW, I got the settings up, but it still has same error, nothing has changed. I am going to go ahead and ban the corrupt admin so I don't have to deal with his ass whining and +++++ing...

Dark_Wizard 08-19-2002 01:36 PM

Send me your global and functions files...

Boofo 08-19-2002 06:50 PM

And how would I do this on a Linux server? I know absolutely nothing about .htaccess. :)

Quote:

Originally posted by NTLDR


The safest option though is to put the entire admin directory behind a .htaccess block and use a different username / password combo than you do for your forums.


NTLDR 08-19-2002 06:57 PM

Firstly, create a file inside your admin directory called .htaccess with the following content:

Code:

AuthUserFile path-to-admin-dir/.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

Change path-to-admin-dir to the path to the admin directory on the server, and then create a file called .htpasswd and visit: http://www.xs4all.nl/~remcovz/htpasswd.html to generate what you should put in this file.

You will then be prompted with a popup security box that you have to enter the username and password before any files in the admin directory can be viewed.
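
An added example, not from the thread or from vBulletin: a small Python check over the .htaccess posted above. It flags two things Apache's documentation warns about: access rules wrapped in `<Limit>`, which then apply only to the listed methods, and a password file kept under the document root where it may be downloadable. The paths, the `docroot` argument and the finding names are hypothetical.

```python
import re

# Constructed samples: the block as posted (placeholder path) and a tightened
# variant. All paths here are hypothetical.
POSTED = """\
AuthUserFile /home/example/web/forums/admin/.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
"""
HARDENED = """\
AuthUserFile /home/example/private/forum-admin.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic
Require valid-user
"""

def audit_htaccess(text, docroot):
    """Return finding codes for a basic-auth .htaccess (Unix-style paths)."""
    findings, limit_methods, saw_require = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = re.match(r"<Limit\s+([^>]*)>", line, re.I)
        if opened:                       # rules inside apply to these methods only
            limit_methods = opened.group(1).split()
            continue
        if re.match(r"</Limit>", line, re.I):
            limit_methods = None
            continue
        name, arg = (line.split(None, 1) + [""])[:2]
        name, arg = name.lower(), arg.strip().strip('"')
        if name == "require":
            saw_require = True
            if limit_methods is not None:  # other methods skip the auth check
                findings.append("REQUIRE_INSIDE_LIMIT:" + ",".join(limit_methods))
        elif name == "authuserfile":
            if not arg.startswith("/"):    # relative paths resolve from ServerRoot
                findings.append("AUTHUSERFILE_RELATIVE")
            elif arg.startswith(docroot.rstrip("/") + "/"):
                findings.append("AUTHUSERFILE_UNDER_DOCROOT")
    if not saw_require:
        findings.append("NO_REQUIRE")
    return findings

if __name__ == "__main__":
    for label, conf in (("posted", POSTED), ("hardened", HARDENED)):
        print(label, audit_htaccess(conf, "/home/example/web"))
```

Basic authentication sends the password with every request in an easily decoded form, so the hardened variant still belongs behind HTTPS.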

Boofo 08-19-2002 07:16 PM

Would the path to the admin dir just be "admin" then?

Quote:

Originally posted by NTLDR
Firstly, create a file inside your admin directory called .htaccess with the following content:

Code:

AuthUserFile path-to-admin-dir/.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

Change path-to-admin-dir to the path to the admin directory on the server, and then create a file called .htpasswd and visit: http://www.xs4all.nl/~remcovz/htpasswd.html to generate what you should put in this file.

You will then be prompted with a popup security box that you have to enter the username and password before any files in the admin directory can be viewed.


NTLDR 08-19-2002 07:53 PM

No, it needs to be the full path on the server, if you don't know that path, visit member2.php in your forums directory, this will give you a fatal error and the path to member2.php.

If you replace member2.php with admin that's the path to the admin directory ;)

Boofo 08-19-2002 08:14 PM

I tried that and all I got was a blank page with the word "done" in the status bar. :)

Would it be the same path as for my FTP?

Quote:

Originally posted by NTLDR
No, it needs to be the full path on the server, if you don't know that path, visit member2.php in your forums directory, this will give you a fatal error and the path to member2.php.

If you replace member2.php with admin that's the path to the admin directory ;)


Erwin 08-19-2002 10:10 PM

Ahhh... never leave your debug on ever...

NTLDR 08-19-2002 10:28 PM

Quote:

Originally posted by Boofo
I tried that and all I got was a blank page with the word "done" in the status bar. :)

Would it be the same path as for my FTP?

They must have changed it since 2.2.4 :(

This should work, visit admin/index.php?action=phpinfo and search for DOCUMENT_ROOT that gives the path to the root of your domain, ie www.yoursite.com, then just add the path to the forums admin after it, eg /forums/admin

Boofo 08-19-2002 10:32 PM

LOL This just isn't my day. :)

It tells me NO Value on that. :)

Will this work?

Code:

http://www.bearfacts2.com/forum/admin?

Link14716 08-19-2002 10:43 PM

how about this.
at the end of the first line of one of the index.php's, add some random characters. Upload it and run it. It will give you the path to the file

Boofo 08-19-2002 11:02 PM

Bingo! At first, I did as you suggested and added random characters to the end of the <?php line but the page still loaded fine. I then replaced the <?php line with random characters and it gave me the error and the path I needed. Thanks for the help. I should have known that. DOHHH!!!

Now, how do I go about setting up .htaccess for the main forums dir without having to password it (to stop anyone from downloading any php files and stuff like that)?

algolee 10-02-2004 06:24 AM

I think using .htaccess to protect /admin is working.
My website was hacked recently.
Even changing my administrator's password cannot stop the hacker logging in.
I have checked my server (including Apache's log & DNS), no error can be found.
And finally I found the hacker was logging into /admin using my account & password.
After changing my password at least 5 times, I decided to use a .htaccess file in the /admin directory.

ps. 1. I found a website discussing cracking vbb on a Chinese website .... like below

http://www.enet.com.cn/esafe/inforce...720326189.html

2. Suddenly I found one thing, even though the hacker cannot log into /admin, he can still log into the system to delete masses of posts .... and do anything he wants to do ...... :angry::angry::angry::angry:

Zachery 10-02-2004 11:33 AM

Quote:

Originally Posted by algolee
I think using .htaccess to protect /admin is working.
My website was hacked recently.
Even changing my administrator's password cannot stop the hacker logging in.
I have checked my server (including Apache's log & DNS), no error can be found.
And finally I found the hacker was logging into /admin using my account & password.
After changing my password at least 5 times, I decided to use a .htaccess file in the /admin directory.

ps. 1. I found a website discussing cracking vbb on a Chinese website .... like below

http://www.enet.com.cn/esafe/inforce...720326189.html

2. Suddenly I found one thing, even though the hacker cannot log into /admin, he can still log into the system to delete masses of posts .... and do anything he wants to do ...... :angry::angry::angry::angry:

This is a very very very old thread, I (think) I replied to your thread at vBulletin.com. >.>

