The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Hacked
How do i go about reporting a succsessfull hacking attempt. Baring in mind there were no addons at the time and i have spoken to the hacker and he 'claims' that he has written a script that will allow him access to any 3.8 board.
|
#2
|
||||
|
||||
Go to vBulletin.com and report it there. How / why are you in communication w/ the "hacker"? Is he attempting to get money out of you?
|
#3
|
||||
|
||||
Were you running the latest vB? And how did you "confirm" the hack?
|
#4
|
|||
|
|||
He replaced my htaccess (amongst other things) to redirect to his website. So i sign up and asked them why they were hacking me. Its a german site so i didnt fully understand all their responses but at least i got on talk terms with them and eventually they released my site.
Previously to that no matter how many times i replaced the file system and database from various backup dates they simply got over written. He doesnt want anything from me but im not about to name him either as it is obvious what actions he will take. He has told me that it is vbulletin that has been exploited and not and modifications. I have some server logs but im not to clear on what i am looking for. |
#5
|
||||
|
||||
Ask you host for help.
It sounds to me like he has access to your server if he is replacing htaccess files. If so, your host will want to know about this and should help you figure out how they got in. |
#6
|
||||
|
||||
Agreed, it's not vBulletin. You need server access via CPanel or remote access or something to change the htaccess file. vBulletin has no access to it.
|
#7
|
|||
|
|||
It seems from the logs that he gained access to my account then added or edited a plugin, which one i am unsure of because are far from detailed (which is something vb should really expand on) assuming the right plugin was used that could effectivly give him root access, right? The logs dont tell me which plugin was altered, is there another way to get this information?
He then appeared to download my style and copy all images, dont know why. Although i have my site back i dont feel secure, what actions can i take to increase security. I am pretty sure now that he used a modification to gain access to my account even though he says he didnt so i have already removed most of them. Some of the are critical but i believe are safe. I read somewhere that changing your userid could help also the location of admincp, how would i do this? |
#8
|
|||
|
|||
here it is powlo.
http://www.vbulletin.com/forum/showthread.php?t=172234 |
#9
|
|||
|
|||
Thanks bud, i knew id seen it somewhere.
|
#10
|
||||
|
||||
here is what i think and all the coder and programmers on my forum think any vb higher then 3.7.5 is fun to take down sorry but yes . 3.8.x no good
i cant wit an tell 4.0 |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|