The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Hacked and cant work out whats happened
Ok my website has been hacked and it seems the hackers have done some sort of trickery and now it just displays some "game over" page my site is still there in FTP and the database is fine there were some php files in the ftp like e.php and soem other stuff something called zend.php which was supposed to decrypt a vbulletin config file but that would have been no use becuse my database is only acessible from my ip and localhost
How can i fix this stupid game over page? |
#2
|
|||
|
|||
Clean up your filesystem to remove any rogue scripts.
Overwrite your files with a clean copy of vB. Check your templates and phrases for insertions. |
#3
|
|||
|
|||
Im checking through all my logs at th emoment trying to work out actually whats been done to see if a full re-install will be nesecarry
I still cant understand why anyone would want to hack me site i mean we had about 200 members and havent done any advertising really except the link in my signature --------------- Added [DATE]1250084298[/DATE] at [TIME]1250084298[/TIME] --------------- Only localhost has ever connected to the databse and none of the word "hacked" isnt in the databse or "hack" so its not a template as far as i know |
#4
|
||||
|
||||
do u access to the server???
i can help check your pm and reply back |
#5
|
|||
|
|||
Just a warning to those who think they can offer their services by sending our PM's to random members who are looking for help with a problem, other then as a result of a Paid Request, is considered advertising and spamming.
|
#6
|
||||
|
||||
^sorry about it
|
#7
|
|||
|
|||
Quote:
"wlhaan" Is a Saudi Arabia Hacking Team/Group. Are you on Shared Hosting, a VPS, or a Dedicated Server? |
#8
|
|||
|
|||
If you're on shared hosting then you ought to be thinking about a move.
I had my second installation of vBulletin, as allowed for testing, installed on my personal website under closed conditions. It was password protected and not open to the public. Twice it got hacked and my host accepted responsibility, saying several sites got hacked. I moved to another host after the second attack. |
#9
|
|||
|
|||
Our site is forever targeted by script kiddie groups etc etc as it attracts their attention.
These are steps that can help you identify the issue.
everytime you complete a step check to see if the problem persists |
#10
|
|||
|
|||
I can almost surely bet that you have an index.html page in your root directory Try removing it, and your forum will be back
It's a common "trick" used by defacers, since most apache installations have a sequence of what pages to serve if you just go to www.yourwebsite.com and most of the time index.html is the first in line, and index.php comes after it |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|