The Arcive of Official vBulletin Modifications Site.

teamsupra · #1 08-30-2006, 12:44 AM

Someone hacked my site, added arcade2000.com banners all over my forums, and then removed me from the admin group. I can not log in to admincp. It says Thank you for logging in then it redirects back to the admincp login.

Can anyone help me?

Brandon Sheley · #2 08-30-2006, 12:51 AM

can u get in the cpanel, or ftp ?

i doubt it was hacked,, u might have a keylogger on ya

Shazz · #3 08-30-2006, 12:52 AM

You mean someone got into admin CP... and did all these things

teamsupra · #4 08-30-2006, 12:53 AM

I have access to ftp, whm, and cpanel.. I was emailed by the hacker saying "You might want to secure your site" Then no more than 30 mins later this happened.

I am running 3.5.4 he took over admin added banners to the templates then sent a mass email to my members and did something to the amdincp where it does not let me login, only brings me back to the login screen.

Ntfu2 · #5 08-30-2006, 12:57 AM

First you need to figure out how he got in then secure it

After that, upload tools.php back to your admincp folder and go to that in your webbrowswer and add yourself back as admin

teamsupra · #6 08-30-2006, 01:08 AM

Any ideas on a good way to figure out how he obtained admincp rights?

Ntfu2 · #7 08-30-2006, 01:15 AM

no, what all modifciation do you have installed on your server?

Do you have other scripts besides vBulletin

Do you have other admins..

the list can go on and on. If you are on shared hosting, ask your hosting company, if you are on a dedicated server hire a management company to perform a security audit

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.03652 seconds Memory Usage 2,208KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (7)post_thanks_box (7)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (7)post_thanks_postbit_info (7)postbit (7)postbit_onlinestatus (7)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!