The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
I've been hacked?
Hi, I logged onto today to see a random account i've never seen before with administrator. This is what he did
Can someone tell me how he got access or what he was doing once he was in. Thank you. Edit: /install directory has been deleted already. Edit: Version 4.1.5 (Latest version) |
#2
|
|||
|
|||
Please post all of your active add-ons here.
We also need to know which vBulletin version you're using. |
#3
|
||||
|
||||
Please read the following two blog posts:
http://www.vbulletin.com/forum/blogs...ve-been-hacked http://www.vbulletin.com/forum/blogs...vbulletin-site Also please see these recent security announcements: vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5 vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions What version of vB4 are you running? |
#4
|
|||
|
|||
Quote:
By add-ons are you referring to products? If so |
#5
|
||||
|
||||
Well first off, that version is outdated, and has unpatched security issues, you should be running the latest 4.2.2 at a minimum, or 4.2.3
Inferno shout is outdated, and most likely did not come from this site, I would ditch that and get a different shout, such as it's newer version, https://vborg.vbsupport.ru/showthread.php?t=236970 |
Благодарность от: | ||
Brandon Sheley |
#6
|
|||
|
|||
Alright, that looks fine.
Now: - Be sure the /install folder is not present on your vBulletin installation. - Check all of your active plugins, there shouldn't be any fishy plugins with odd names. - In your ACP go to Maintenance > Diagnostics > Suspect File Versions. Check if there are any weird files which were created recently on your server. - Change the password of all administrator/moderator accounts. - Protect your ACP with a plugin like this: https://vborg.vbsupport.ru/showthread.php?t=296383 Edit: vBulletin version is very outdated, update to the latest. |
#7
|
|||
|
|||
Quote:
|
#8
|
||||
|
||||
Also check your plugins, ACP --> Plugins & Products --> Plugin Manager and see it there are any unknown plugins running under vBulletin
|
#9
|
||||
|
||||
Well it could have been any of the security issues in the version you are running, or through Inferno shout.
|
#10
|
||||
|
||||
Quote:
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|