Thread: Being hacked A LOT, help? on 4.2.1
View Single Post
  #12  
Old 09-19-2013, 07:24 PM
The Mailman The Mailman is offline
 
Join Date: Dec 2011
Posts: 22
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Lynne View Post
After you were first hacked, did you make sure to check your Administrator usergroup and verify you didn't leave their account as an Administrator (so they could still access the admincp)? And, did you go through your Plugin Manager and make sure they didn't add any plugins to your site? Also verify that all your old plugins haven't been touched and had bad code added to them. If you can't do those things, I'd suggest using a database backup. Also, make sure all the files uploaded to the site are default vbulletin files and not files added by the hackers.
I did and noticed like 4 more admins were added, but this was the first attack - I deleted that database and rolled back to a pre-hack one. I tried a fix and the second time they got in they didn't do this, but rather just take over my admin account. They did add a plugin that was noticeable, "cumlauncher2000"

But like I said, I've rolled back to a pre-attack db and updated all plugins and so far so good...but don't know if they've just lost interest for this week or if I'm still vulnerable.

Quote:
Originally Posted by loua_oz View Post
Posted in another tread, Plug Ins had a script "OverrideAdminRights" in ForumRunner, could be seen in "Product Management".
well good thing I deleted forumrunner altogether
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01160 seconds
  • Memory Usage 1,765KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete