Thread: Hacked by Team Root, Forumrunner exploit
View Single Post
  #1  
Old 09-09-2013, 02:58 PM
Spangle Spangle is offline
 
Join Date: Jun 2011
Posts: 520
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Hacked by Team Root, Forumrunner exploit
I got hacked by a group calling themselves "Team root" today, they altered index.php and installed a file called 000.php

I've since had this email form my hosts :

Quote:
Hello,

Our systems performed a routine malware/virus scan on your account and unfortunately located infected/malicious files. We've automatically moved the infected files(s) out of your public_html directory into a safe, quarantined directory. Below is the file our scanners were able to locate:

/home/talkofth/public_html/forumrunner/x.php
Known exploit = [Fingerprint Match] [PHP Exploit]

Accounts are commonly exploited through outdated software, compromised cPanel/FTP login details, or vulnerable themes/plugins in your applications. We suggest rotating your cPanel and FTP passwords immediately in the event they were compromised. Instructions on how to reset your cPanel password can be found at https://support.hawkhost.com/index.php?/Knowledgebase/Article/View/47/0/how-can-i-reset-my-cpanel-password

If you would like more information regarding this infection, or are looking for our assistance in cleaning up your account, please contact our support team by either emailing support@hawkhost.com or submitting a ticket at https://support.hawkhost.com.
I take this to mean that if you are using Forumrunner you should remove it.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01216 seconds
  • Memory Usage 1,766KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete