vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   My Forum HACKED for the 3rd time. (https://vborg.vbsupport.ru/showthread.php?t=70041)

mcyates 09-30-2004 07:44 PM
My Forum HACKED for the 3rd time.
 
Someone keeps on going onto the forum with my account even though I have changed my password to a 16 character password with words and numbers, AND passwords protected the site (admincp) via .htaccess.

Is there anyway i can stop this from happening? e.g. cmod admincp 000 to stop people from accessing the admin or will this give the site some problems which might require files in the admincp?

Please help a.s.a.p

nexialys 09-30-2004 07:50 PM
this is impossible that you've been hacked that way... you may have something outside the server...

you have admins ?! moderators, supermods, etc... someone else have access to your computer, etc... these are always the same questions you have to answer...

there is not a single possible way to hack Bulletin the way you claim... so it's 100% on your side.

Zachery 09-30-2004 07:53 PM
Quote:
Originally Posted by mcyates
Someone keeps on going onto the forum with my account even though I have changed my password to a 16 character password with words and numbers, AND passwords protected the site (admincp) via .htaccess.

Is there anyway i can stop this from happening? e.g. cmod admincp 000 to stop people from accessing the admin or will this give the site some problems which might require files in the admincp?

Please help a.s.a.p
Do you allow ANY html ?

mcyates 09-30-2004 07:53 PM
Quote:
Originally Posted by nexialys
this is impossible that you've been hacked that way... you may have something outside the server...

you have admins ?! moderators, supermods, etc... someone else have access to your computer, etc... these are always the same questions you have to answer...

there is not a single possible way to hack Bulletin the way you claim... so it's 100% on your side.

Ok thanks.

I do have super mods and moderators. I will have to remove some of them.

mcyates 09-30-2004 07:58 PM
Quote:
Originally Posted by Zachery
Do you allow ANY html ?
So this can't happen with even hack on the site? I only have the Arcade, Photopost and the last 5 stats (posts) on the main site.

mcyates 09-30-2004 08:06 PM
Quote:
Originally Posted by Zachery
Do you allow ANY html ?
I'm sure its all bee3n turned off. One sec though i'll just double check.

mcyates 09-30-2004 08:09 PM
Quote:
Originally Posted by mcyates
I'm sure its all bee3n turned off. One sec though i'll just double check.
Just [HTML] on the Enabled Built-in BB Codes in the vb admin options. all the other html is turned off.

mcyates 09-30-2004 08:37 PM
Quote:
Originally Posted by mcyates
Just [HTML] on the Enabled Built-in BB Codes in the vb admin options. all the other html is turned off.
I still have the /install folder on my domain with all the upgrade.php files on will that be a security risk?

Zachery 09-30-2004 09:04 PM
Quote:
Originally Posted by mcyates
I still have the /install folder on my domain with all the upgrade.php files on will that be a security risk?
No, only the "install.php" does and even then it could only delete the database.

Which version of the arcade?

mcyates 09-30-2004 09:07 PM
Quote:
Originally Posted by Zachery
No, only the "install.php" does and even then it could only delete the database.

Which version of the arcade?
the latest one, i only installed last week but this has been happening for about 4 weeks now.

Zachery 09-30-2004 09:24 PM
I would contact your host, its a good chance there is somthing being done on the server level, oir you have a torjan horse on your computer or somewhere in your network.

Isaiah33 10-01-2004 02:42 AM
well i have heard of priv8 vbulletin exploits...

miz 10-01-2004 03:59 AM
Quote:
Originally Posted by Isaiah33
well i have heard of priv8 vbulletin exploits...
i know about some sql injection that affects all of vb2 systems what is the version of your board ?

mcyates 10-01-2004 05:39 AM
Quote:
Originally Posted by miz
i know about some sql injection that affects all of vb2 systems what is the version of your board ?
VB 3.03

mcyates 10-01-2004 08:09 AM
Quote:
Originally Posted by mcyates
VB 3.03
I have changed my password, chage the admin folder and password protected the admin area with htaccess password. I might do the same for the moderators area.

nexialys 10-01-2004 10:25 AM
it sure have some piracy exploits over vb 2.x, that's one of the reasons upgrades exists... each time someone find a leak in the code, a patch is released, and there was none about that kind of exploit in the last 6 months...

mcyates 10-01-2004 11:39 AM
Could someone please give the SQL code for changing my forums to not Allow HTML code in the forums. I think a few might be allowing html code on the forum but i want all of them to NOT allow it

Thanks in advance.

SaN-DeeP 10-01-2004 11:44 AM
Quote:
Originally Posted by mcyates
Could someone please give the SQL code for changing my forums to not Allow HTML code in the forums. I think a few might be allowing html code on the forum but i want all of them to NOT allow it

Thanks in advance.
goto each forums permissions and disable HTML code :)

mcyates 10-01-2004 11:46 AM
Quote:
Originally Posted by SaN-DeeP
goto each forums permissions and disable HTML code :)
that's the hard way. I'll do it that way though as then i definately know myself that html is turned off on all the forum.

mcyates 10-01-2004 11:55 AM
The all had HTML turned off.

Logikos 10-01-2004 12:06 PM
Make sure HTML is turned off in PMs, Calendar Events, Signatures, and anywhere eles where it would be enabled. If it is all turned off, i would contact your host, as i don't see it being vB being hacked, but your never know, there could be an private injection that vB don't know 'yet'.

mcyates 10-02-2004 04:31 PM
Yeah its all off. Im just waiting again for it to happen


All times are GMT. The time now is 02:30 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01182 seconds
  • Memory Usage 1,760KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (13)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (22)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete