The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Hacked!
Ok, need your help on this. Woke up this morning, go to log in...cant. I try several times, I know im putting in the right pw, and still cant. I look at my news forum and see some arabic writing. I log in under another admins login/pw. I search for my user name (original one) does not exist. I look under usergroups, not there. I take it that it got erased?
Here is a screen shot of the post that was made, and one was made in an admin section, so I take it was not a bot. What do i need to do to prevent this again? I attached what they wrote and the screenshots. The first post made by the hacker says this: (arabic writing that was posted underneath) Quote:
خخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخخ بس العب بنك الادم تم اختراق منتداكم الفاشل الحين بغير الاندكس اصبروشو Hacker's username that was created: Sn1p3r_spy And this is the post made in my news section: Quote:
شووفوني ادمن خخخخخخخخخ الله يلعنكم منتداكم تعبني من جد ياكلاب Wanted to know if I could save my username or is that gone? |
#2
|
||||
|
||||
You can use a back up of your forum from the past day, before the board was hacked.
|
#3
|
|||
|
|||
im checking to see when my host last did an update, last time i did a full back up was on 7/11/07
|
#4
|
|||
|
|||
you could restore just your user account from there instead of a whole board restore... i've restored users before when they've been accidentally deleted but its a time consuming process.
|
#5
|
|||
|
|||
caranage, is there a way to go back and save my old user name? I was running 3.6, im upgrading my board up to 3.8 as we speak under another admin name. But i want to save my old name. Is that possible?
I deleted anything that was related to this hacker that I could find, im hoping he doesnt have anything hidden on my site or server. Hoping the upgrade eliminates any further damage. If you want to contact me, TN Zazza is my aim name oops, ok i just upgraded to 3.6.8 |
#6
|
||||
|
||||
Run a check for Suspect Files through the Maintenance tab in the AdminCP. This will tell you if there are any files in your directory that shouldn't be there, or if any of the core files have been altered.
|
#7
|
|||
|
|||
Ok, what I had to do was restore my old back up that is about 2 weeks old, sux but, it put me back to a working starting point, i was at 3.6.6, so I upgraded immediately to 3.6.8. I set all of my admins so they cant be erased in the config file, changed pw's etc. Is there anything that you guys can recommend for me to check or get rid of etc, in order to prevent this from happening again?
Thanks |
#8
|
||||
|
||||
Did you run the check I suggested in my previous post? What modifications do you have installed?
|
#9
|
|||
|
|||
ya under the diagnostics check, i have a bit of mods installed, i never had an issue before, I think it may have been because I didnt upgrade to the newest release yet, but here are my results, lol:
arcade.php File not recognized as part of vBulletin fixoptions.php File not recognized as part of vBulletin flashchat.php File not recognized as part of vBulletin itrader.php File not recognized as part of vBulletin itrader_detail.php File not recognized as part of vBulletin itrader_feedback.php File not recognized as part of vBulletin itrader_global.php File not recognized as part of vBulletin itrader_report.php File not recognized as part of vBulletin journal.php File not recognized as part of vBulletin mm_menu.js File not recognized as part of vBulletin modelapp.php File not recognized as part of vBulletin sr_classifieds.php File not recognized as part of vBulletin sr_classifieds_payment.php File not recognized as part of vBulletin template.htm File not recognized as part of vBulletin ushop.php File not recognized as part of vBulletin vbfavorites.php File not recognized as part of vBulletin vbgarage.php File not recognized as part of vBulletin vbpunch.php File not recognized as part of vBulletin vbulletin35CMS.php File not recognized as part of vBulletin Scanned 63 files ./admincp arcade.php File not recognized as part of vBulletin articlebot_admin.php File not recognized as part of vBulletin articlebot_simulator.php File not recognized as part of vBulletin itrader_misc.php File not recognized as part of vBulletin journaladmin.php File not recognized as part of vBulletin read_pms.php File not recognized as part of vBulletin sr_classifieds_admin.php File not recognized as part of vBulletin ucash_admin.php File not recognized as part of vBulletin ushop_admin.php File not recognized as part of vBulletin vba_cmps_admin.php File not recognized as part of vBulletin vba_links_admin.php File not recognized as part of vBulletin vbacmps_install.php File not recognized as part of vBulletin vbalinks_install.php File not recognized as part of vBulletin Scanned 3 files ./archive Scanned 34 files ./clientscript activecell.htc File not recognized as part of vBulletin ncode_imageresizer.js File not recognized as part of vBulletin vbpunch.js File not recognized as part of vBulletin Scanned 3 files ./clientscript/yui Scanned 2 files ./images/regimage/fonts Scanned 111 files ./includes adminfunctions_links.php File not recognized as part of vBulletin adminfunctions_vba_cmps.php File not recognized as part of vBulletin bitfield_sr_classifieds.xml File not recognized as part of vBulletin class_dm_itrader.php File not recognized as part of vBulletin class_ucs_core.php File not recognized as part of vBulletin cpnav_sr_classifieds.xml File not recognized as part of vBulletin datastore_cache.php File not recognized as part of vBulletin functions_itrader.php File not recognized as part of vBulletin functions_links.php File not recognized as part of vBulletin functions_ucs_shared.php File not recognized as part of vBulletin functions_ushop.php File not recognized as part of vBulletin global_ushop.php File not recognized as part of vBulletin vba_cmps_include_bottom.php File not recognized as part of vBulletin vba_cmps_include_error.php File not recognized as part of vBulletin vba_cmps_include_template.php File not recognized as part of vBulletin vba_cmps_include_top.php File not recognized as part of vBulletin vba_cmps_plugin_newpost.php File not recognized as part of vBulletin vba_global_error.php File not recognized as part of vBulletin Scanned 26 files ./includes/cron articlebot_vbcron.php File not recognized as part of vBulletin links_search.php File not recognized as part of vBulletin links_subscriptions.php File not recognized as part of vBulletin rsvp_notify.php File not recognized as part of vBulletin sr_classifieds.php File not recognized as part of vBulletin ucash_paycheck.php File not recognized as part of vBulletin ushop_expiration.php File not recognized as part of vBulletin ushop_misc.php File not recognized as part of vBulletin Scanned 8 files ./includes/paymentapi Scanned 26 files ./includes/xml bitfield_comments.xml File not recognized as part of vBulletin bitfield_itrader.xml File not recognized as part of vBulletin bitfield_journalhack.xml File not recognized as part of vBulletin bitfield_profileviews.xml File not recognized as part of vBulletin bitfield_sr_classifieds.xml File not recognized as part of vBulletin bitfield_vbpunch.xml File not recognized as part of vBulletin cpnav_arcade.xml File not recognized as part of vBulletin cpnav_articlebot.xml File not recognized as part of vBulletin cpnav_itrader.xml File not recognized as part of vBulletin cpnav_journalhack.xml File not recognized as part of vBulletin cpnav_rpm.xml File not recognized as part of vBulletin cpnav_sr_classifieds.xml File not recognized as part of vBulletin cpnav_ucs.xml File not recognized as part of vBulletin cpnav_vbacmps.xml File not recognized as part of vBulletin cpnav_vbalinks.xml File not recognized as part of vBulletin hooks_ibproarcade.xml File not recognized as part of vBulletin hooks_sr_classifieds.xml File not recognized as part of vBulletin hooks_v3arcade.xml File not recognized as part of vBulletin product-ibproarcade.xml File not recognized as part of vBulletin Scanned 70 files ./install Scanned 11 files ./modcp vba_links.php Now, anything look out of whack? lol I appreciate your feedback! |
#10
|
|||
|
|||
Did u say just a FEW hacks
Go over to vBulletin, there is a thread there somewhere that tells you things to do to make your board more secure, like re-naming the admincp folder to another name and you can also make use of .htaccess files to require two logins for the admin area. You should also use .htaccess file to protect folders like the CGI-BIN. So cgi scripts cannot be run from there. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|