The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Comments |
#2
|
||||
|
||||
is it a shared server?
talk to hosting company / server admins, see if they're having issues on their end |
#3
|
||||
|
||||
What are in the files?
|
#4
|
||||
|
||||
and what size are the files?
|
#5
|
|||
|
|||
What's your kernel version?
|
#6
|
|||
|
|||
what makes you think its hackers? Are you on hostdime?
|
#7
|
||||
|
||||
If it were real hackes,your site would be dead right now.Even I can do that
|
#8
|
||||
|
||||
Quote:
38572 k in total each, and they are the same size each, all done by the same person from what I can imagine. I just want to find out who and fix it so they cannot dp this anymore. What a waste of my time. Here is a blurb from the file and as you can see it is all junk, I find when I scroll down lower it has a key logger script in the program. My question is how do I shut this crap down without loosing my board? core.8711 File Type: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style, from 'php' -------------------------------------------------------------------------------- ELF44 k? ? @ P @?&?@?(PP+?P@,`?2?` 5pP<?p?< ??Mp?@P@@ЀPPP ``P ?kPPpp? p????ŀ ?p?@@?0?P??배p0? ???@????? ? ?0?00?4?? ?9?F?F?N@ B? ?N?B@@0OPB?0O B@O B?@O?BPO?gBPO?jB00?O?jB@ ?O xB P@yB00?P [CP?Pp\C?P?\C?P?\CP?PoC?PoC00 Q@oC 0Q?oC 0Q oC PQ?oCPQ?qC pQ0rC?pQ sC?QPsC??Q0tC QPtC ?Q ?C??Q??C ?Q??C R??C0R ?CR??CpR?C R0?C? R?C0R0?C`0R??C@R??C @R??CPP?R0?C``?R??C@?R??Cpp`S??C0 `S??CpS??C?pS??C ?S??Cp?S`?C S??C0 S??C?S@?CP?S??C ?S??Cpp@V@?C?@V ?C `Vp?CP`V??CPP?V0?C0?V`?C00?W0KD ?WPLD XpLD X?yD X?yD0X ?D0X ?D@XP?D0@X??D `X??D0`X??DpX`??pX`????Y`?? Zx?ZxxxP?tdH?ZH$$?CORE"?M{{04 MF"""?oC4???{{3?'[Cs ???{|CORER%~&~"?M{{php/usr/bin/php cron.php ?CORE??????tx????????ށ??~N; ??+???G&+??????#Y?Q????̐?̘?̘?̀\B??\B? 8?2?""????????????T??T??0??"????`????? ????"???`8??????{????????{????????+N+?@? ?@?? ???G??(i?? O?? +N+?n+?KG^?0??????@?8 %~%~%~%~&~&~&~&~?x???N??????????????????????????? = =?????????7?7@@??????????????????? ? phpec???h??߷?5f??`?&-?(??3 ? 93s?,??{??????8n?n??@@?????6???j??S?4??4? ? +N+?+N+?+N+ޘ???????????CORE????d4? T? %~ %~ &~&~???lCORE ? 93s?,??{????8n?n??@+?FLINUX ? 93s?,??{??????8n?n??@?????E??ẺE??E???u??|$ ?U??}?D$??t$? ?D$?u??|$?L$ ?4$?P?????~ ?U?f?zt4?E??E??}?v??????8?M?9?E?;E?t?$???? ??Eă?l[^_]??zf?????u??r U??T$?4$???????xt?M??|I?M????t?? ??????????????<$?U??T$?Y?????xB?4?4$?????M?9t< ??u+?V?$????Hu???4$??????M??|0?}??u??2????E ??????3????|$?M?U ?u??EȉL$?T$ ?t$?$?#?????x?E??E?u ?0???????????8Zu??E??????}?"????????????????U??V S?[??R???????p??@??????Ћ???u?[^??U??S?[??#P????Y[??gethostby*.getanswer: asked for "%s", got "%s"??0123456789abcdefgethostby*.getanswer: asked for "%s %s %s", got type "%s"%u.%u.%u.%u.in-addr.arpa%02hhx0.%u.%u.%u.in-addr.arpa0.0.%u.%u.in-addr.arpa0.0.0.%u.in-addr.arpa/lib/ld-linux.so.2????????6EO ? ?1T?T ? ?_???8???o ???o???o? ???o???o6???o@??C??C W_CO??m??[C?;cCPUcC?S?C`?C>?^C0S?CnxjC??? ?E?C?6jC??BcC0L?Cp5jC.>?WcC^n??C?? ?x`?^: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)GCC: (GNU) 3.4.6 20060404 (Red Hat 3.4.6-2)libnss_dns-2.3.4.so.debugD+??.symtab.strtab.shstrtab.note.ABI-tag.hash.dynsym.dynstr.gnu.version.gnu.version_d.g nu.version_r.rel.dyn.rel.plt.init.text.fini.rodata .interp.eh_frame.ctors.dtors.jcr.dynamic.got.got.p lt.data.bss.comment.gnu_debuglink44 ) |
#9
|
|||
|
|||
I doubt that you are being hacked. Those are probably core dumps from an unstable process.
What is the result of running 'ulimit -c'? |
#10
|
|||
|
|||
They are core dumps. Are you on host dime or a vps?
|
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|