Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Big Board Discussions

Reply
 
Thread Tools
Some idiot screwing with me. Details »»
Some idiot screwing with me.
Version: , by fordsho fordsho is offline
Developer Last Online: Jun 2009 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 02-26-2008 Last Update: Never Installs: 0
 
No support by the author.

My forum has been constantly turning on and off..... so now i receive this email
Code:
Alright f**ker..

Here's the deal. You don't want your site going down anymore? You're going to have to do 1 thing.

Give me access to your cPanel for the day. And tomorrow I'll remove my account that has all admin rights. Deal?

How I've been doing it.. hehe.. well, I have a hidden account on your database that has all admin rights. All I want to do is get in your cPanel to copy your database and I'll be on my way.

The way this works is.. you have a lot of users. You'll never find me in the 200,000something users you have. So.. therefore, you need me to give you the account I have so you can delete it. NOW.. replacing your database will not work. For I have a program on my desktop that gives me admin access to any vbulletin forum I want. You want your site safe? Well.. give me your cPanel and we'll call it even. You can change your cPanel password tomorrow.

He keeps turning it on and off how can i put an end to this!!

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #62  
Old 03-21-2008, 10:26 PM
Hornstar Hornstar is offline
 
Join Date: Jun 2005
Location: Australia
Posts: 2,469
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Okay few things.

1st, as vb.com would say

To troubleshoot this, first reupload all the original vB non-image files (except install.php). Make sure you upload these in ASCII format and overwrite the ones on the server. Also be sure to upload the admincp files to whichever directory you have set in your config.php file. Then run 'Suspect File Versions' in Diagnostics to make sure you have all the original files for your version and that none show 'File does not contain expected contents':

Admin CP -> Maintenance -> Diagnostics -> Suspect File Versions


[Note: In some cases you may also need to remove any of the listed .xml files in the includes/xml directory.]

Next, disable all plugins.

Note: To temporarily disable the plugin system, edit config.php and add this line right under <?php

define('DISABLE_HOOKS', true);

Then if you still have this problem, create a new style and choose no parent style. This will force it to use the default templates. Finally empty your browser cache, close all browser windows then try again. Make sure you change to the new style and view your forums with it. Do you have the same problem?

--------------------------------------

obviously some of the above will not apply to you, but that is the general first thing you do. Check your plugins and hacks you have done to your board!

--------------------------------------

2nd, you said your database was compromised a few months ago or something. Well that rings alarm bells straight away.
Provide more info on this aspect and it may shed some light.

--------------------------------------

3rd, are you the only admin?

--------------------------------------

4th, are you on shared hosting or a dedicated server?

--------------------------------------

5th, What vbulletin version are you running?

-------------------------------------

6th, what version of php and mysql are you on?

----------------------------------------


Once I know the above info, we can go from there.
Reply With Quote
  #63  
Old 03-21-2008, 10:59 PM
flavoflav2000 flavoflav2000 is offline
 
Join Date: Dec 2005
Location: CA
Posts: 7
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

two words - mod security - on you web server - http://www.modsecurity.org/

This will help with the script kiddies - and XSS and system injection attacks - if your server or site was compromised it was because the security sucked.

Also I would make sure you have cpanel server locked down - go to the cpanel forums to find out how.

Do you have shell access to the server?

You may want to run rkhunter and see whats up.

If you have been comprimised for a month - well best advice to you is - redo the server - i.e. wipe it clean and reinstall the OS lock it down, install mod security and trip wire - rebuild your forum etc and go from there.

A system that has been hacked for a month is screwed no matter what you do.
Reply With Quote
  #64  
Old 03-24-2008, 09:55 AM
t3nt3tion's Avatar
t3nt3tion t3nt3tion is offline
 
Join Date: Aug 2005
Location: 3rd Planet from the Sun
Posts: 70
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you need more in depth help, I`d offer my help : server & forum. Drop a pm if you want to.
Reply With Quote
  #65  
Old 03-28-2008, 06:21 PM
FlyBoy73 FlyBoy73 is offline
 
Join Date: Jan 2002
Location: Texas, USA
Posts: 297
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why is this in the big board forums?
Reply With Quote
  #66  
Old 04-02-2008, 08:44 AM
Brian30fl Brian30fl is offline
 
Join Date: Jun 2005
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

well doh cause its a big board being screwed with
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:47 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04497 seconds
  • Memory Usage 2,246KB
  • Queries Executed 20 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (6)post_thanks_box
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (6)post_thanks_postbit_info
  • (5)postbit
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete