vb.org Archive - View Single Post - HACKED

StructuralNet · #3 04-04-2009, 02:41 PM

Quote:

Originally Posted by Dismounted

Either a modification has been compromised, or the server has been compromised. Contact your host. Also change your cPanel/FTP passwords.

I am contacting my host right now, I am on a VPS and I have been checking the server logs for anything weird, but I think my admin is better to find something if there is something..

I would of thought, though, if they got into the server through a backdoor or something, they would of effected my other accounts. I have VB running on another account for another site, and a few other accounts with various programs that were not touch (and have been on there for a very long time)

Here is the list of my mods,

I have ibProArcade v.2.6.8 which this file structure was changed I noticed.

Here is a list of my other mods:

Admin Log In As User

Cyb - Advanced Permissions Based on Post Account

Fake User (adds a couple guests)

GTSmilieBox

Panic Button

Plus Mood

vB Ad Management

vBadvanced CMPS

vbSEO Site Map

Welcome Headers

--------------- Added [DATE]1238915113[/DATE] at [TIME]1238915113[/TIME] ---------------

Maybe someone can chime in?

This guy is getting FTP access, I have formatted all my pcs to make sure I don't have a virus, and my host is looking through everything as well.

Thing that throw my interest:

Sat Apr 04 17:14:52 2009 0 81.17.252.160 6448 /home/theangry/public_html/arcade/cat_imgs/index.html a _ o r theangry ftp 1 * c
Sat Apr 04 17:14:53 2009 0 81.17.252.160 6699 /home/theangry/public_html/arcade/cat_imgs/index.html a _ i r theangry ftp 1 * c
Sat Apr 04 17:14:54 2009 0 81.17.252.160 22447 /home/theangry/public_html/arcade/functions/dbclass.php a _ o r theangry ftp 1 * c
Sat Apr 04 17:14:55 2009 0 81.17.252.160 24228 /home/theangry/public_html/arcade/functions/dbclass.php a _ i r theangry ftp 1 * c

Why the arcade first? Compromised maybe? I deleted the folder when I did a backup, I also disabled my FTP server...

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01103 seconds Memory Usage 1,766KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_quote (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: