Thread: My forum admin CP changed by hacker
View Single Post
  #8  
Old 10-15-2013, 11:16 AM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
  
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hmm don't be so hard on yourself, you can check all of this at least, if you're not comfortable removing it then fine but you can surely do some sifting and find what is wrong. It's easy enough to run those queries listed in my blog post because those type of sql statments using select in the code do just that i.e. they only select and show you said code you can't mess anything up by just "checking" so run the queries then post the results here for one of us to assist.

Not sure what files if any were uploaded or infected, you can check for spare admin accounts and delete asap, now check the control panel log and all entries by said hacker will have N/A beside them and their ip address is listed so ban that pronto (open a ticket with host, ask them to ban ip at server level). To check the files go to maintenance in admincp and run the suspect files tool, that will show you more info to go by as well and also feel free to post that as well.

The main point of you posting this info, results of queries etc is to receive assistance from our community... you can use the links provided and assistance by a few of us to come out on top here without the need to hire someone (yes at the moment it seems over your head, a little practice and a little patience and next thing you know you're unhacking your site not us!).
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01382 seconds
  • Memory Usage 1,762KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete