Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page My forum hacked - any help appreciated
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Page 2 of 2 1 2
 
Thread Tools Display Modes
  #11  
Old 10-05-2009, 02:56 PM
mcrider mcrider is offline
 
Join Date: Feb 2009
Location: Racine, Wisconsin
Posts: 44
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by MAD--DOG View Post
see man some one must have access to an ftp to ur hosting thats the only way some one can add an index page with an image that says that you been hacked
What about a remote file include vulnerability....be careful what you wish for
Reply With Quote
  #12  
Old 10-05-2009, 05:35 PM
Aspergillus Aspergillus is offline
 
Join Date: Feb 2009
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Dear m8's,

in the last few Month i observed many times so called "hacks" and it allways turned out be have been started by FTP. There ist a Trojan going arround spying out FTP Passwords.. sending them to a bot wich then goes to add a few lines to all index.php and and index.html files..
Most of the times these added lines open a hidden iframe on some page.. just tu generate clicks!!

So check your Computer for Trojan first and change all ftp passwortds (but dont do it via FTP Client) do it in Hosting Controll center.

Greez Aspi
Reply With Quote
  #13  
Old 10-05-2009, 06:30 PM
snakes1100 snakes1100 is offline
 
Join Date: Dec 2001
Location: Michigan
Posts: 3,733
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Did you upgrade anything as i stated in my first post?

Have you implemented mod_sec or suhosin?

What your doing so far isnt going to stop him, you can block all the ip's you want, simple to get a new ip to use.
Reply With Quote
  #14  
Old 10-05-2009, 06:53 PM
knucklenitz knucklenitz is offline
 
Join Date: May 2009
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by snakes1100 View Post
Did you upgrade anything as i stated in my first post?

Have you implemented mod_sec or suhosin?

What your doing so far isnt going to stop him, you can block all the ip's you want, simple to get a new ip to use.
Yes, upgraded vb to the latest.

As I understand it, mod_sec can only be implemented (by me) on dedicated servers. I plan on moving to a host that provides mod_security built into the plan, although I won't have any access to make security changes. I just can't afford a dedicated setup right now.
Reply With Quote
Reply
Page 2 of 2 1 2

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 08:55 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03391 seconds
  • Memory Usage 2,179KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (4)post_thanks_box
  • (4)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit_info
  • (4)postbit
  • (4)postbit_onlinestatus
  • (4)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete