Website hacked!
 

My website has been hacked by some turkish group. :mad: Someone registered at my site. When i connected to my sql directly i found they had changed userid 1, the admin...

I had the following:

vBulletin 3.5.4
vBadvanced 2.1.0
DLM manager
VBgameserver hack
Teamspeak display hack

My best guess is they used some exploit in the vb gameserver hack. I'm now resetting my site using only:

vBulletin 3.5.4
vBadvanced 2.1.0
DLM manager

Are these three secure enough to use at this moment without getting hacked?

Second i used Mysql front to make back-ups of my database. Yesterday i used the same program to restore the sql file and guess what it didn't work :mad:

Because i just switched to vBulletin from phpnuke i had the phpnuke database which i could use, so only lost 2 weeks of data.

My second question what is a good program to use to back up your database and to restore it. PhPmyadmin is no option because i don't want it installed on my webspace. The only thing it will do is add another why to kill off my database. :confused: Another vB user pointed out to ssh, but are there any good programs out there that would do the job?

Thanks for all the help, i really need it!!!

I can only say that vBulletin 3.5.4 should be secure enough, there are no known security issues. About the other 2 i can't make a judgement.

Back ups (if you host don't make them yet) can best be made from the shell. Beside a terminal emulation programm, no other software needed.

For instructions see the chapters in the vBulletin manual:
Backing-up your MySQL Database Manually
Restoring your MySQL Database Manually

Did you have SSH or telnet enabled?

This is precisely the same thing that happened to me that I made a post about here and got my butt chewed out for it.

With all due respect, your statements in thread here made an attempt at lashing out at the software without regards to investigating the problem, is NOT as stated. In this thread, the poster is requesting help. I had to do some research to find that thread as I was unfamiliar with it.

Please either stay on topic and offer assistance or do not respond. If you would like to discuss this further, please PM me.

Aside from all of the bashing there was quiet a few good suggestions and pratices that could have been taken and followed.

I did take all the steps that where offered to me.

No, you insisted that it was a security hole in VB amid continuous suggestions that the problem lay elsewhere. Then you claimed that people were attacking you when they offered up any other possible explanation.

So what happened? Did you find out who was hacking your server every day? Where was the vulnerability?

Heidrich, I was on phpNuke when I was brutally hacked and from the way it is being described, my attack was similar to yours. One thing I took note of was SSH traffic. I had previously been hacked once before, a minor defacing, but I made note of the SSH traffic on that as well. This time it was much larger. It was then I requested my SSH and telnet disabled - in fact, all avenues of access other than ftp and http closed. Knock on wood, I've not had anything happen since. It was this last hacking that I had decided to move to vbulletin - away from phpNuke. Fortunately, since I worked for my ISP, and we were going to migrate to a newer box anyways, I built our next hosting box. The crack had corrupted the old mysql database. Even recreating the site wouldn't fix it. I hope your fix is easier than mine was.

As I stated, it was vbulletin.