|
What to do for security when someone have access?
Hey guys Im very worry about that someone is posting on my site as any Staff he want on the Hidden staff section.....
He for somehow have make a back door or something to enter the forum and even be creative enough to login as any admin he want including me... What can I do to prevent this or at least make it difficult for him... He have access for Cpanel and server as I can see since he stated it in a post at the staff section below Quote:
Now I ask, what can I do to prevent this. Is there something I can try to do with config. files ect.....? |
Talk to your host! Have them help figure out how you were compromised. Are you on a shared server? If so, it could be someone else's account that was compromised. But, definitely talk to your host and also go through your own access_logs looking for his IP (if he posted, then hopefully he used the same IP to hack you) and see what he's been up to.
|
Here is the funny thing Lynne, he have access to the forum and I dont think he have to the cpanel or server as I believe he all bs.. He just posted as me now. So my question is how in the world someone can know all the passwords for each user or login like me to post.
My best bet is he have a back door through the config.php file but again I dont think he have access to that part. Is just so confusing that is getting of my nerves |
What version are you running and have you kept up-to-date with the security patches? You should be looking at your access_logs to see if he ran some script or what he did in order to get the passwords for your site.
|
I have vb4.1.3 version and yes I have been up to date on security files.
I will check on the admin logs and report back And for passwords the only method that Im aware off it the queries system which he can do easily by logging in like me as I do have that option available. WoW I think i might have to get in as a hacker now to learn few of their tricks. --------------- Added [DATE]1316263607[/DATE] at [TIME]1316263607[/TIME] --------------- I do get this from the CP Logs for admin SCRIPT -----------------Action--------Info usertools.php ----------- doips--------- user id = 1 user.php ---------------- edit --------- user id = 1 user.php ---------------- --------- find I always delete the install folder as well the the tools.php file I never have it on the forum unless I need to use it which is random |
Are you running php 5.3.7 by any chance?
This version has a bug in the encryption function, which could result in the following behaviour if i do understand that bug correctly. Whatever pw you type in it sends the same value (salt) instead of the encrypted pw. I also don't know if the encryption algorithm used by vbulletin would be affected by that. Information given here (i googled a random english site, read about it on a german one). http://www.v3.co.uk/v3-uk/news/21035...-bug-discovery Anyway just a guess. It might help. |
Quote:
Thanks kindly |
If you have the "Quick User Changer" hack, it's pretty easy for someone to gain access to ALL accounts if he gets access to a admin one. Just a thought.
|
What`s your site called I can secure for you I dont do it for free i do it for 10 dollars but if you dont get it then you can pay me back anytime you want and my skype is nijyarj add me ill secure you
|
Quote:
--------------- Added [DATE]1316276796[/DATE] at [TIME]1316276796[/TIME] --------------- Quote:
Will try it and let you know. |
| All times are GMT. The time now is 01:33 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|