[daydie]

yeah, my site been working fine now. must of been some1 accessing my godaddy account on the web. thanks anyways guys aprichate it

--------------- Added [DATE]1313046735[/DATE] at [TIME]1313046735[/TIME] ---------------

Just saw my index file and it has this:

<html>

<head>

<!--

Well done for being able to read the source code.



MSN - root@unloyal.co.uk

Email - im@purv.org



~~ TriiX

-->

<style type="text/css">

body {

background-image: url(http://www.purv.org/deface.jpeg);

color: white;

}



h1 {

color: red;

}

</style>

<SCRIPT LANGUAGE="JavaScript">

var text=" [root@secureserver]~ cat message.txt<br> \

Good evening, David.<br> \

You're on a secure host? Uh-oh, I don't think so!<br> \

The index is the only page I have touched, nothing else.<br>Consider this a warning<br> \

If you can't secure a forum, then don't run one.<HR> \

Want help to secure it? Via being a techy or a host? Alternately, want to cry?<br> \

<b>MSN - root@unloyal.co.uk<br>Email - im@purv.org</b> \

I'll be waiting to hear from you.<br><br> \

Much love<br> \

TriiX \

<br><br><br> \

[root@secureserver]~ logout";

var delay=50;

var currentChar=1;

var destination="[none]";

function type()

{

//if (document.all)

{

var dest=document.getElementById(destination);

if (dest)// && dest.innerHTML)

{

dest.innerHTML=text.substr(0, currentChar)+"_";

currentChar++;

if (currentChar>text.length)

{

currentChar=1;

setTimeout("type()", 9000);

}

else

{

setTimeout("type()", delay);

}

}

}

}



function startTyping(textParam, delayParam, destinationParam)

{

text=textParam;

delay=delayParam;

currentChar=1;

destination=destinationParam;

type();

}

</SCRIPT>

<title>GreeTz</title>

</head>

<body>

<div align="center">

<iframe width="1" height="0" src="http://www.youtube.com/embed/zOopudSHS0c?autoplay=1" frameborder="0" allowfullscreen></iframe>

<h1><b>Hacked by TriiX</b></h1><br>

<DIV ID="txt">

<SCRIPT LANGUAGE="JavaScript">

javascript:startTyping(text, 50, "txt");

</SCRIPT>

</div>

</div>

</body>

</html>

--------------- Added [DATE]1313046839[/DATE] at [TIME]1313046839[/TIME] ---------------

How the hell has he done this?

Is Vbulletin secure? i have the latest and latest patch, Is it v bulletin or GoDaddy that is vulnerable?

Is their any way he can change index source without accessing FTP?
Also Is it possible he can access config somehow to see data to get password? im kind of worried now. If my forum grows and this happends im ++++ed. =/