Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 01-01-2009, 02:54 AM
Medtech's Avatar
Medtech Medtech is offline
 
Join Date: Oct 2007
Posts: 310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it's hacked now at this moment. sending ya a pm RTMdotORG
Reply With Quote
  #12  
Old 01-01-2009, 02:57 AM
RTMdotORG RTMdotORG is offline
 
Join Date: Dec 2008
Posts: 282
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Medtech View Post
it's hacked now at this moment. sending ya a pm RTMdotORG
okay.
Reply With Quote
  #13  
Old 01-01-2009, 03:19 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by RTMdotORG View Post
1||1230677435||66.156.165.120||do=viewsubscription ||http://www.ripthemic.org/forums/usercp.php||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17
1||1230677439||66.156.165.120||do=viewsubscription ||http://www.ripthemic.org/forums/usercp.php||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17
1||1230677448||66.156.165.120||do=viewsubscription ||http://www.ripthemic.org/forums/usercp.php||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17
1||1230734502||124.187.20.43||do=removesubscriptio n&t=3||http://ripthemic.org/forums/showthre...1||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
1||1230765308||67.167.16.183||do=viewsubscription| |http://www.ripthemic.org/forums/usercp.php||Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.2)
They are not "hackers". They are normal users trying to manage subscriptions... vBFirewall is more effort than its worth.
Reply With Quote
  #14  
Old 01-01-2009, 04:20 AM
RTMdotORG RTMdotORG is offline
 
Join Date: Dec 2008
Posts: 282
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Dismounted View Post
They are not "hackers". They are normal users trying to manage subscriptions... vBFirewall is more effort than its worth.
well that's a relief.

--------------- Added [DATE]1230832971[/DATE] at [TIME]1230832971[/TIME] ---------------

well my site was put back up once again...
lass than 7 hours later....hacked AGAIN!!!
3 times in 3 days!!!!

www.ripthemic.org

1||1230777472||98.100.180.113||do=viewsubscription ||||Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
1||1230777561||98.100.180.113||do=viewsubscription ||||Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
1||1230816616||86.96.229.88||s=&do=add&dostyleid=1 0&title=headinclude&group=all&searchstring=&expand set=10||http://ripthemic.org/forums/admincp/||Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)
1||1230816628||86.96.229.88||s=&do=add&dostyleid=1 0&title=headinclude&group=all&searchstring=&expand set=10||http://ripthemic.org/forums/admincp/||Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)
Reply With Quote
  #15  
Old 01-02-2009, 02:17 AM
^SuiCyde^ ^SuiCyde^ is offline
 
Join Date: Dec 2003
Location: Colorado Springs/CincyO
Posts: 101
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

wow - www.ripthemic.org/forums/

HaCked By : Sniper-3 | Devano |
__

# Black Hat's Crew #

MSN :
3-Z@Live.Com
__
Reply With Quote
  #16  
Old 01-02-2009, 03:10 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Disable and uninstall all your modifications. Making sure you remove all files of those modifications. Also make sure there are no suspicious files hiding in any of the directories.
Reply With Quote
  #17  
Old 01-02-2009, 07:33 PM
Medtech's Avatar
Medtech Medtech is offline
 
Join Date: Oct 2007
Posts: 310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I went through the file system and removed alot of code and restored admin access. Got the site back up again. they made a mess over there. they injected into the database. they targeted index.html. index.php. login.php and removed RTMdotORG's admin acct. Renamed admincp.... chmodded a few files and did some work on the server. outside of needing a new index.html file, should be no problems now. forums are working.
Reply With Quote
  #18  
Old 01-03-2009, 03:55 PM
RTMdotORG RTMdotORG is offline
 
Join Date: Dec 2008
Posts: 282
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

yessir.
thank you.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:49 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04297 seconds
  • Memory Usage 2,237KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete