vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Team Hacker Egypt!? (https://vborg.vbsupport.ru/showthread.php?t=302475)

obglobal.net 09-20-2013 01:14 PM
Team Hacker Egypt!?
 
I was just editing my NavBar, and I hit the "?" button in ACP and was directed to a Team Hacker Egypt page.

It has complete access to my entire public_html.

WTF is going on here? I just payed to have my site secured as I was in over my head, and now this!

HELP!

Zachery 09-20-2013 01:22 PM
Please read the following two blog posts:
http://www.vbulletin.com/forum/blogs/zachery/3993888-fixing-your-site-after-you-have-been-hackedhttp://www.vbulletin.com/forum/blogs/zachery/3993849-best-practices-for-securing-your-vbulletin-site

Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3993204-vbulletin-5-connect-security-patches-released-all-versions

obglobal.net 09-20-2013 01:30 PM
Quote:
Originally Posted by Zachery (Post 2446892)
Please read the following two blog posts:
http://www.vbulletin.com/forum/blogs/zachery/3993888-fixing-your-site-after-you-have-been-hackedhttp://www.vbulletin.com/forum/blogs/zachery/3993849-best-practices-for-securing-your-vbulletin-site

Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3993204-vbulletin-5-connect-security-patches-released-all-versions
I've just been hacked, so I've read all that. I want to know how to get these ++++s out of my site permanently.

--------------- Added [DATE]1379687816[/DATE] at [TIME]1379687816[/TIME] ---------------

My web host has told me that the issue was in the help.php file.

I suggest checking that out.

TheLastSuperman 09-20-2013 01:51 PM
Quote:
Originally Posted by obglobal.net (Post 2446893)
I've just been hacked, so I've read all that. I want to know how to get these ++++s out of my site permanently.

--------------- Added [DATE]1379687816[/DATE] at [TIME]1379687816[/TIME] ---------------

My web host has told me that the issue was in the help.php file.

I suggest checking that out.
Yes more than likely it's what I've been encountering the past few days, a file or plugin that initializes c99madshell like I mentioned here and to sum it up, seems as if the person you hired overlooked something - request they clean the site again due to that, imo they should free of charge.

obglobal.net 09-20-2013 02:02 PM
Quote:
Originally Posted by TheLastSuperman (Post 2446895)
Yes more than likely it's what I've been encountering the past few days, a file or plugin that initializes c99madshell like I mentioned here and to sum it up, seems as if the person you hired overlooked something - request they clean the site again due to that, imo they should free of charge.
Damn right I'm gonna tell them I want another clean up.

With your experience in this f'd up world of hacking, could you give me any heads up on what to look for? Are there common place issues like this help button one?

Looks like it's necessary for me to give these hacks I payed to clean my site a heads up to break them out of their laziness. :mad:


All times are GMT. The time now is 04:30 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01257 seconds
  • Memory Usage 1,729KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (5)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete