Thread: Major Additions - microCART: Shopping System for vB4
View Single Post
  #806  
Old 05-26-2014, 10:07 PM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
  
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Toorak Times View Post
I got smashed 5 times BOP, my database is still psychopathic. have a look if you like...PLEASE!!!
I would suggest you look for .php files in the following directories- I've found them in these directories while cleaning up hacked sites before (check all sub-folders of these folders as well)-

/customavatars
/customgroupicons
/customprofilepics
/images
/signaturepics

If you have attachments stored in a web accessible location check that folder too.

These folders should not contain .php files.

As for being in your database the only real place they could be is in a plugin. Check and make sure you don't have any plugins listed in Plugin Manager (not product manager) at the top listed under the "vBulletin" product. If you do make sure these are plugins you created yourself and double-check the code. This is the most often exploited spot.

Second most exploited in my experience is hidden as a plugin of Forum Runner but this will be cleaned if you re-run the upgrade script which I recommend you do if you've been hacked.

Any 3rd party products should be re-installed after a hack to make sure their plugins are the original values and don't contain backdoors left by the hacker.
Reply With Quote
Благодарность от:
Toorak Times
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01218 seconds
  • Memory Usage 1,766KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_box_bit
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete