Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Big Board Discussions

Reply
 
Thread Tools
Some idiot screwing with me. Details »»
Some idiot screwing with me.
Version: , by fordsho fordsho is offline
Developer Last Online: Jun 2009 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 02-26-2008 Last Update: Never Installs: 0
 
No support by the author.

My forum has been constantly turning on and off..... so now i receive this email
Code:
Alright f**ker..

Here's the deal. You don't want your site going down anymore? You're going to have to do 1 thing.

Give me access to your cPanel for the day. And tomorrow I'll remove my account that has all admin rights. Deal?

How I've been doing it.. hehe.. well, I have a hidden account on your database that has all admin rights. All I want to do is get in your cPanel to copy your database and I'll be on my way.

The way this works is.. you have a lot of users. You'll never find me in the 200,000something users you have. So.. therefore, you need me to give you the account I have so you can delete it. NOW.. replacing your database will not work. For I have a program on my desktop that gives me admin access to any vbulletin forum I want. You want your site safe? Well.. give me your cPanel and we'll call it even. You can change your cPanel password tomorrow.

He keeps turning it on and off how can i put an end to this!!

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 02-26-2008, 02:20 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Contact your host! Why are you not contacting your host with this information?
Reply With Quote
  #3  
Old 02-26-2008, 02:29 PM
fordsho fordsho is offline
 
Join Date: Jan 2008
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is a registered user inside the database my host has Nothing to do with this.... NVM i guess i asked the wrong Big forum section.
Reply With Quote
  #4  
Old 02-26-2008, 02:34 PM
Neutral Singh's Avatar
Neutral Singh Neutral Singh is offline
 
Join Date: Sep 2004
Location: Sikh Philosophy Network
Posts: 545
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you can get into your admin cp then check the recent the admin log and note down all the IPs that have logged in as admin... check out who have registered with those ips and if you find any suspicious username with admin powers... BAN it right now... !! best of luck...
Reply With Quote
  #5  
Old 02-26-2008, 02:37 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There is no way he has a program on his desktop that will give Admin rights to any vb site. You think you have problems now, wait until you see what happens if you do give him your CPanel login.

Lynne is right, contact your host. They can help track this down. If it's a user, just look for anyone with admin permissions either as a main group or a second usergroup.

If all he is doing is turning the board off and on, then he doesn't have that much power yet or he would be flexing muscle. Looks like he's running a script somewhere.
Reply With Quote
  #6  
Old 02-26-2008, 02:50 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Do you have phpMyAdmin? Do you have it htaccess protected? Do you have your Admin CP and Mod CP htaccess protected?
Reply With Quote
  #7  
Old 02-26-2008, 04:42 PM
fordsho fordsho is offline
 
Join Date: Jan 2008
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i have phpmyadmin ive been going through it but going through a list of 200000 members is a drag... And no i dont have any of those htaccess protected so ill get on it.
Reply With Quote
  #8  
Old 02-26-2008, 04:50 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

He is either doing this by straight access to the database through phpMyAdmin, in which case looking at the access_logs will help you find exactly who is accessing that directory - use search in your text editor. Or he is going through your Admin Panel and must have admin access so you should look at your Administrator usergroup. And, as I said, you need to protect at least all three of those directories.
Reply With Quote
  #9  
Old 02-26-2008, 04:58 PM
fordsho fordsho is offline
 
Join Date: Jan 2008
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Damn nvm pass protecting the admin cp and mod cp directories didnt work either.... so now whats next.
Reply With Quote
  #10  
Old 02-26-2008, 05:17 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Lynne View Post
He is either doing this by straight access to the database through phpMyAdmin, in which case looking at the access_logs will help you find exactly who is accessing that directory - use search in your text editor. Or he is going through your Admin Panel and must have admin access so you should look at your Administrator usergroup. And, as I said, you need to protect at least all three of those directories.
If this guy was in the DB he wouldn't need CPanel access as the DB is all he wants. If he had Admin CP access, he would lock everyone out until he gets what he wants. The clown is running a script somewhere that is toggling the site off and on. If this guy had any real access at all he would be showing what he could do. He wants the DB to get whatever settings he can so he can do some more scripts. If all he has done so far is toggle the site off and off then that is where he needs to be stopped. And no matter what he does, do NOT give him anything.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:33 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08680 seconds
  • Memory Usage 2,287KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete