vb.org Archive - View Single Post

princeedward · #7 01-19-2009, 04:07 PM

Quote:

Originally Posted by Lynne

Do you have access to phpMyAdmin? If so, go in and select the user table to repair.

thanks Lynne...any hint how to do it...got no any idea about this....just a newbie here....

Quote:

Originally Posted by Loco.M

Do you have a backup? Does your host?
I would restore the backup to right before it was hacked.
At that point, update the forum and ALL the hacks and change all your passwords as well as putting a pass protect popup on your admincp.
Then examine the logs, and see how they got in.

ACP Pass Protect Popup ON? ....i guess...if no other way to resolve this and back to the original situation...i guess have no choice but to restore it back...like 1 day before this happen...

Quote:

Originally Posted by Sawa Dee SohL

For something like this, would it be good to have a backup admin name? For example, does this effect all Admin accounts? Or do they just go after the Head Admin name?
I have a few alternate Admin accounts on my site (basically hidden) - didn't know if that sort of thing might help in a case like this?

how it good to have the backup admin name...in time like this? the first time...still got access to my ACP...the time that i tried to renew my pass...i got that TABLE ERROR ...so now got no ACP access anymore...

Quote:

Originally Posted by snakes1100

A backup admin account is meaning less for this hack, he simply modified either a template or added code in a php file to call his site & code.
The user table crash is hard to say, it might or might not of been caused by the hacker.
There is really no need to do a backup either, removing what he did is rather easy, but as Loco stated, upgrade everything to plug the hole he used to hack the site in the first place.

hmmm...

anyway million thanks guys for your time about this......much appreciated...don't know how they got me...i guess don't have any solution on this but to decide to restore into previous time..say 1 day before this S---T ! happen....

just copy the page source fo more info::

Code:

<!-- CSS Stylesheet -->
<html xmlns:v="urn:schemas-microsoft-com:vml"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns:st1="urn:schemas-microsoft-com:office:smarttags"
xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name="keywords" content="hacked by red virus">
<meta name="description" content="hacked by red virus">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 11">
<meta name=Originator content="Microsoft Word 11">
<link rel=Edit-Time-Data href="index_files/editdata.mso">
<title> hacked by red virus</title>

<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
 name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
 name="PlaceType"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
 name="PlaceName"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
 name="place"/>
<!--[if gte mso 9]><xml>
 <o:DocumentProperties>
  <o:Author>To0oLBA</o:Author>
  <o:Template>Normal</o:Template>
  <o:LastAuthor>To0oLBA</o:LastAuthor>
  <o:Revision>2</o:Revision>
  <o:TotalTime>6</o:TotalTime>
  <o:Created>2008-11-10T15:30:00Z</o:Created>
  <o:LastSaved>2008-11-10T15:36:00Z</o:LastSaved>
  <o:Pages>1</o:Pages>
  <o:Words>125</o:Words>
  <o:Characters>716</o:Characters>
  <o:Lines>5</o:Lines>
  <o:Paragraphs>1</o:Paragraphs>
  <o:CharactersWithSpaces>840</o:CharactersWithSpaces>
  <o:Version>11.5606</o:Version>
 </o:DocumentProperties>
</xml><![endif]--><!--[if gte mso 9]><xml>
 <w:WordDocument>
  <w:SpellingState>Clean</w:SpellingState>
  <w:GrammarState>Clean</w:GrammarState>
  <w:ValidateAgainstSchemas/>
  <w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
  <w:IgnoreMixedContent>false</w:IgnoreMixedContent>
  <w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
  <w:Compatibility>
   <w:ApplyBreakingRules/>
  </w:Compatibility>
  <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
 </w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
 <w:LatentStyles DefLockedState="false" LatentStyleCount="156">
 </w:LatentStyles>
</xml><![endif]-->
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:"Angsana New";
	panose-1:2 2 6 3 5 4 5 2 3 4;
	mso-font-charset:0;
	mso-generic-font-family:roman;
	mso-font-pitch:variable;
	mso-font-signature:16777219 0 0 0 65537 0;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;
	mso-font-charset:0;
	mso-generic-font-family:swiss;
	mso-font-pitch:variable;
	mso-font-signature:1627421319 -2147483648 8 0 66047 0;}
@font-face
	{font-family:Verdana;
	panose-1:2 11 6 4 3 5 4 4 2 4;
	mso-font-charset:0;
	mso-generic-font-family:swiss;
	mso-font-pitch:variable;
	mso-font-signature:536871559 0 0 0 415 0;}
@font-face
	{font-family:"Trebuchet MS";
	panose-1:2 11 6 3 2 2 2 2 2 4;
	mso-font-charset:0;
	mso-generic-font-family:swiss;
	mso-font-pitch:variable;
	mso-font-signature:647 0 0 0 159 0;}
@font-face
	{font-family:Impact;
	panose-1:2 11 8 6 3 9 2 5 2 4;
	mso-font-charset:0;
	mso-generic-font-family:swiss;
	mso-font-pitch:variable;
	mso-font-signature:647 0 0 0 159 0;}
@font-face
	{font-family:"Comic Sans MS";
	panose-1:3 15 7 2 3 3 2 2 2 4;
	mso-font-charset:0;
	mso-generic-font-family:script;
	mso-font-pitch:variable;
	mso-font-signature:647 0 0 0 159 0;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{mso-style-parent:"";
	margin:0cm;
	margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:12.0pt;
	font-family:"Times New Roman";
	mso-fareast-font-family:"Times New Roman";}
p
	{mso-margin-top-alt:auto;
	margin-right:0cm;
	mso-margin-bottom-alt:auto;
	margin-left:0cm;
	mso-pagination:widow-orphan;
	font-size:12.0pt;
	font-family:"Times New Roman";
	mso-fareast-font-family:"Times New Roman";}
span.genmed
	{mso-style-name:genmed;}
span.SpellE
	{mso-style-name:"";
	mso-spl-e:yes;}
span.GramE
	{mso-style-name:"";
	mso-gram-e:yes;}
@page Section1
	{size:595.3pt 841.9pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;
	mso-header-margin:35.4pt;
	mso-footer-margin:35.4pt;
	mso-paper-source:0;}
div.Section1
	{page:Section1;}
-->
</style>
<!--[if gte mso 10]>
<style>
 /* Style Definitions */
 table.MsoNormalTable
	{mso-style-name:"Table Normal";
	mso-tstyle-rowband-size:0;
	mso-tstyle-colband-size:0;
	mso-style-noshow:yes;
	mso-style-parent:"";
	mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
	mso-para-margin:0cm;
	mso-para-margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:10.0pt;
	font-family:"Times New Roman";
	mso-ansi-language:#0400;
	mso-fareast-language:#0400;
	mso-bidi-language:#0400;}
</style>
<![endif]-->
<meta http-equiv=Content-Language content=en-us>
<!--[if gte mso 9]><xml>
 <o:shapelayout v:ext="edit">
  <o:idmap v:ext="edit" data="1"/>
 </o:shapelayout></xml><![endif]-->
</head>

<body bgcolor=black lang=EN-US style='tab-interval:36.0pt;background-attachment:
fixed'>

<div class=Section1>

<p align=center style='text-align:center'><b><span style='font-size:11.0pt;
font-family:Verdana;color:#A8A8A8'>&nbsp;Ow</span></b><b><span
style='font-size:11.0pt;font-family:"Trebuchet MS";color:#A8A8A8'>3</span></b><b><span
style='font-size:11.0pt;font-family:Verdana;color:#A8A8A8'>nd by </span>

<span style="font-size: 11pt; color: #FF0000; font-family: Verdana">Red Virus</span></b></p>

<p align=center style='text-align:center'><img width=350 height=60
id="_x0000_i1025" src="http://upload.traidnt.net/upfiles/WyO07387.gif" border=0><o:p></o:p></p>

<p align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;
word-spacing:-1px'><b><span style='font-size:18.0pt;font-family:Verdana;
color:red'>&nbsp;</span></b><span class=GramE><span style='font-size:18.0pt;
font-family:Verdana;color:red'>[</span><b><span style='font-size:18.0pt;
font-family:Verdana;color:#E0E0E0'> </span></b></span><span class="SpellE">
<font size="6" color="#FF0000"><b><span style="font-family: Courier New">Red 
ViRus</span></b></font></span><b><span
style='font-size:24.0pt;font-family:"Courier New";color:#E0E0E0'> <span
class=SpellE>WaS</span> <span class=SpellE>HeRe</span></span></b><b><span
style='font-size:18.0pt;font-family:Verdana;color:red'> </span></b><b><span
style='font-size:18.0pt;font-family:Verdana;color:#E0E0E0'>&nbsp;</span></b><span
style='font-size:18.0pt;font-family:Verdana;color:red'>]</span><o:p></o:p></p>

<p align=center style='text-align:center'><span class=genmed><span
style='filter:"blur\(add=1\,direction=270\,strength=30\)"'><b><span
style='font-size:14.0pt;font-family:"Courier New";color:red'>[~]</span></b></span><span
class=genmed><b><span style='font-size:10.0pt;font-family:"Courier New";
color:red'> </span></b></span><span class=genmed><b><span style='font-size:
14.0pt;font-family:"Courier New";color:#A8A8A8'>Stay Safe<span class=GramE>..</span>
Don't Try This AT WEB</span></b></span><span class=genmed><b><span
style='font-size:7.5pt;font-family:"Courier New";color:#A8A8A8'> </span></b></span><span
class=genmed><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#A8A8A8'>(</span></span></b><span style='filter:"blur\(add=1\,direction=270\,strength=30\)"'></span><span
class=genmed><b><span lang=TH style='font-size:14.0pt;font-family:"Angsana New";
mso-ascii-font-family:"Courier New";mso-hansi-font-family:"Courier New";
color:#A8A8A8;mso-bidi-language:TH'>๏</span></span></b><span
style='filter:"blur\(add=1\,direction=270\,strength=30\)"'></span><span
class=genmed><b><span style='font-size:14.0pt;font-family:Tahoma;color:#A8A8A8'>̯͡</span></b></span><span
class=genmed><b><span lang=TH style='font-size:14.0pt;font-family:"Angsana New";
mso-ascii-font-family:"Courier New";mso-hansi-font-family:"Courier New";
color:#A8A8A8;mso-bidi-language:TH'>๏</span></b></span><span
class=genmed><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#A8A8A8'>)</span> </span></b></span></p>

<p align=center style='text-align:center'><b><span style='font-size:14.0pt;
font-family:Impact;color:#C71A10'>----</span></b><b><span style='font-size:
14.0pt;font-family:"Courier New";color:#C71A10'> - - - - - - -</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- -</span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:red'> <span class=GramE>[<span style='font-size:10.0pt;mso-bidi-language:
AR-EG'> </span><span class=SpellE><span style='font-size:13.5pt;color:#919191;
mso-bidi-language:AR-EG'>oPS</span></span></span></span></b><b><span
style='font-size:13.5pt;font-family:"Courier New";color:#919191;mso-bidi-language:
AR-EG'> , Doomed By <span class="SpellE">RED VIRUS</span></span><span
style='font-size:14.0pt;font-family:"Courier New";color:red'> ]</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#A6140D;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- - - - - - -</span></b><b><span style='font-size:14.0pt;
font-family:"Courier New";color:#C71A10;mso-bidi-language:AR-EG'> </span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10'>- - </span></b><b><span
style='font-size:14.0pt;font-family:Impact;color:#C71A10'>----</span></b></p>

<p align=center style='text-align:center'><b>
<span
style='font-size:10.0pt;font-family:Verdana;color:#919191'>
<st1:City w:st="on"><st1:place w:st="on">Mission</st1:place></st1:City>
Complete &quot;)<span class=GramE>;</span><br>
<br>
</span></b><b><span style='font-size:11.0pt;font-family:Verdana;color:#919191'>Exit
Form This Dirty Box ...</span></b></p>
<p align=center style='text-align:center'><b>
<font face="Verdana" style="font-size: 11pt" color="#008000">من يكره مصر خسران 

ومن يرسمها فنان ومن يحسدها غيران ومن يحبها انسان ومن يحتلها حيوان وتعيش مصر غصبأ 
على الزمان </font></b></p>

<p align=center style='text-align:center'><b><span style='font-size:14.0pt;
font-family:Impact;color:#C71A10'>----</span></b><b><span style='font-size:
14.0pt;font-family:"Courier New";color:#C71A10'> - - - - - - -</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- -</span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:red'> <span class=GramE>[<span style='font-size:10.0pt;mso-bidi-language:
AR-EG'> </span><span style='color:#999999'>Contact</span></span> ]</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#A6140D;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- - - - - - -</span></b><b><span style='font-size:14.0pt;
font-family:"Courier New";color:#C71A10;mso-bidi-language:AR-EG'> </span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10'>- - </span></b><b><span
style='font-size:14.0pt;font-family:Impact;color:#C71A10'>----</span></b></p>

<p align=center style='text-align:center'>
<span style="font-size: 14pt; color: #006600"><b>
<span style="font-family: Comic Sans MS">C3O@W.CN</span></b></span></p>

<p align=center style='text-align:center'><b><span style='font-size:10.0pt;
font-family:Tahoma;color:#919191;mso-bidi-language:AR-EG'>&nbsp;</span></b><span
class=genmed><span style='filter:"blur\(add=1\,direction=270\,strength=30\)"'><b><span
style='font-size:11.0pt;font-family:"Courier New";color:#A8A8A8'>(</span></b></span><span
class=genmed><b><span lang=TH style='font-size:11.0pt;font-family:"Angsana New";
mso-ascii-font-family:"Courier New";mso-hansi-font-family:"Courier New";
color:#A8A8A8;mso-bidi-language:TH'>๏</span></span></b><span
style='filter:"blur\(add=1\,direction=270\,strength=30\)"'></span><span
class=genmed><b><span style='font-size:11.0pt;font-family:Tahoma;color:#A8A8A8'>̯͡</span></b></span><span
class=genmed><b><span lang=TH style='font-size:11.0pt;font-family:"Angsana New";
mso-ascii-font-family:"Courier New";mso-hansi-font-family:"Courier New";
color:#A8A8A8;mso-bidi-language:TH'>๏</span></b></span><span
class=genmed><b><span style='font-size:11.0pt;font-family:"Courier New";
color:#A8A8A8'>)</span></span></b></span></p>

<p align=center style='text-align:center'><b><span style='font-size:14.0pt;
font-family:Impact;color:#C71A10'>----</span></b><b><span style='font-size:
14.0pt;font-family:"Courier New";color:#C71A10'> - - - - - - -</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- -</span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:red'> <span class=GramE>[<span style='font-size:10.0pt;mso-bidi-language:
AR-EG'> </span><span style='color:#999999'>Greets</span></span> ]</span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#A6140D;mso-bidi-language:
AR-EG'> </span></b><b><span style='font-size:14.0pt;font-family:"Courier New";
color:#C71A10'>- - - - - - -</span></b><b><span style='font-size:14.0pt;
font-family:"Courier New";color:#C71A10;mso-bidi-language:AR-EG'> </span></b><b><span
style='font-size:14.0pt;font-family:"Courier New";color:#C71A10'>- - </span></b><b><span
style='font-size:14.0pt;font-family:Impact;color:#C71A10'>----</span></b></p>

<p align=center style='text-align:center'><span class=GramE><b>
<span
style='font-family:"Courier New";color:#FF0000'> <font size="5">D3ViL 
<a href="mailto:iR@Q,hebarieh,falconbuss,هتلر"><font color="#FF0000">iR@Q</font></a></font></span></b></span><a href="mailto:iR@Q,hebarieh,falconbuss,هتلر"><b><span
style='font-family:"Courier New";color:white'><font size="5">,</font></span><font color="#008000" size="5"><span
style='font-family:"Courier New";'>hebarieh</span></font><span
style='font-family:"Courier New";color:white'><font size="5">,</font></span></b><font size="5"><font color="#FFFF00">ASD</font><span
style='font-family:"Courier New";color:white'><b>,</b></span><b><span lang="ar-eg" style="font-family: Courier New"><font color="#00FF00">هتلر</font></span></b></font></a><span
style='font-family:"Courier New";color:#00FF00'><font size="5"><span lang="ar-eg"><b> 
الشمرى</b></span></font></span><font size="5"><a href="mailto:iR@Q,hebarieh,falconbuss,هتلر"><span
style='font-family:"Courier New";color:white'><b>,</b></span></a></font><font size="5" color="#FF9966">EgYpTioN 
HaCkEr</font><font size="5"><b><a href="mailto:iR@Q,hebarieh,falconbuss,هتلر"><span
style='font-family:"Courier New";color:white'>,</span></a></b></font><a href="mailto:iR@Q,hebarieh,falconbuss,هتلر"><font color="#FFFFFF" size="5">falconbuss</font></a></p>

</div>

</body>

</html>
<!--- Security Portal Mirror ---!>

<!-- / CSS Stylesheet -->

<script type="text/javascript">
<!--
var SESSIONURL = "";
var IMGDIR_MISC = "";
var vb_disable_ajax = parseInt("0", 10);
// -->
</script>

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01391 seconds Memory Usage 1,897KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code (4)bbcode_quote (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: