vb.org Archive - View Single Post - Preventative - How to avoid being Hacked by TeamPS i.e. p0wersurge

Inspector G · #14 02-19-2013, 03:05 AM

I wish I knew...lol
MY site IS CURRENTLY DOWN big time...

I got hit by ENO7 this am but the funny thing

I was warned by a member a week ago... so I did do a complete site from sub root up and IT will be fixed but I still wonder how they injected a msql code in by doing table querys or some other method to hit my database insert
html pages in to the FTP protected Public area...

My FTP which I am crazy about locking and other security..
I had in place such as FTP Locks on the basic four folders with renames for the admin cp and Mod cp htacces lock down and all...

They rolled through in minutes and poof...
If I had not received a warning, which I also find very odd, and the IP of a user that help as around a bit was also shown on the user account that warned me however they claim to know each other and be at war against each other...I also received another warning last night that it would be within a day...
I have 51 or should I say HAD 51 members with 34 fake ones I created...with no passwords that would have made sense to anyone...

I figured I was ok but I had worked about 60 hours this weekend typing tutorials up for users on my site since I am building it and added a few extra forums, luckily I have emails from the three new members that just joined and I remember their user names I will have to give them new pw and then send them email explaining that there was a DB error the freaked my site up ...how do you say ..we got hacked the folks go running away...

So who is the best and what is the best solution for a Noob like me with all of that said..Give up Never, get hacked every day and have to reinstall every night and weekends..ok if I must...
any help is welcomed...right now the server is waiting for my ftp of the back up of the complete account lucky for the warning I got...

So how can I prevent this from happening again?
Who can I trust when I do not know enough about this to stop it?
Thanks Just need to know these answers...

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01034 seconds Memory Usage 1,764KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: