The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
URGENT: My forum's been hacked.
I'm not sure how to fix it...
Here's the some of the source code for the faq.php page (I've taken the index.php offline): Quote:
Here's how the page looks: http://www.meadowforum.com/faq.php Any ideas? |
#2
|
||||
|
||||
How about... not sure, I don't how they would have loaded that in via a way reversable easily. Although I do know these hackers can't code for their life and use a rubbish WYSIWYG editor.
|
#3
|
|||
|
|||
Re-upload the files that have been hacked, overwriting the existing ones
and get a new host |
#4
|
|||
|
|||
I tried re-uploading, didn't work.
I've just searched the MySQL database for 'MoroCcan Islam' and it brought up a few results. I'm restoring database from about a week ago and seeing if that solves the problem. |
#5
|
|||
|
|||
did a google search on that image of the hand came up with a tutorial but.. Its very interesting to see his name "neimadthehacker"
Can't read this language at all Click Here Click Here Looked at all these sites that have been hacked by them Google Search Results Not sure if any of this helps but I am pretty good at tracking down the source of hackers I have had my fair share. Also best way to get your site back online is what you are doing now do a restore because hackers usually put "Rogue" files that are very well hidden and will carry key loggs among other things. Sorry this happened to ya best thing to do is contact your host tell them what happened and ask them to help ya secure your site/webserver and they will help you because if someone trys to do a ddos attack on you that can cause multi millons in damage depending on how big it is and they won't want that trust me. |
#6
|
|||
|
|||
Thanks for your help. I had a go at fixing the database, but it was pretty messed up. I did manage to remove the content the hacker put on the site, but there was still traces that I couldn't get rid of - there was even some in the shoutbox? :S
|
#7
|
|||
|
|||
What are you on a single hosted account or do you own a vps? Cause if you did a backup a week back it should of restored a clean *unhacked database* along with the files.
|
#8
|
||||
|
||||
You need to remove the code that is in red from your template which ever one they put it in, probably headinclude or header.
Then you need to figure out which hacks have the security hole, or if you are on a old version of vBulletin you'll need to upgrade to make sure its the most secure. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|