The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
09-17-2013, 12:51 PM
|
|||
|
|||
Hacked again! 2nd time in 2 weeks! Cannot access ACP.
This is ridiculous.
I don't know how to handle this kind of stuff! I can't even access my ACP to delete this dude. Hacked by Ari Tiga Angka Enam. Why is vBulletin so easy to hack? Someone please guide me through what to do via cPanel. I lost about 50 posts last time because I reverted to a backup. So over it.:down: 
|
|
#2
09-17-2013, 01:37 PM
|
||||
|
||||
|
Moved to vB4 General Discussion. I would guess that you overlooked something the first time around... a plugin was still present, the datastore table had a plugin within... a shell script on your server... any number of things honestly be sure to check using these links and be VERY THOROUGH grab a cup of coffee, do it right and above all else do not become frustrated that is the #1 thing many do and assume that since it started working after they uploaded files that its fine, no you need to be very in-depth after being hacked not only for your safety but for the safety of all your community members.
http://www.vbulletin.com/forum/blogs...vbulletin-site http://www.vbulletin.com/forum/blogs...ve-been-hacked http://www.vbulletin.com/forum/blogs...vbulletin-site
|
| Благодарность от: | ||
| socialteenz | ||
|
#3
09-17-2013, 01:41 PM
|
||||
|
||||
|
Did you remove the install directory? Check for all the users with admin privilege & change all your admin passwords.
|
| Благодарность от: | ||
| TheLastSuperman | ||
|
#4
09-17-2013, 02:02 PM
|
|||
|
|||
|
Quote:
I have checked your site and found the following suspicious files: Code: [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/admincp/plugin.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/admincp/help.php [HEX]php_nested_base64_510 : [15/09/13] /home/obglobal/public_html/admincp/nsuser.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/admincp/index.php [HEX]php_nested_base64_510 : [17/09/13] /home/obglobal/public_html/admincp/black.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/admincp/admin.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/forum.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/index.php [STR]Hacked_by_string : [17/09/13] /home/obglobal/public_html/showthread.php Can someone PLEASE tell me how to clean these out? I really have no idea what to do and I'm desperate. --------------- Added [DATE]1379430244[/DATE] at [TIME]1379430244[/TIME] --------------- Quote:
Can I change my passwprds via cPanel, do you know?
|
|
#5
09-17-2013, 03:34 PM
|
|||
|
|||
|
Quote:
Delete any that you cannot find. off the top of my head this one looks a bit suspicious /home/obglobal/public_html/admincp/black.php
|
|
#6
09-17-2013, 04:36 PM
|
||||
|
||||
|
Quote:
Seems like you need to upload all vbulletin files again. Check for vulnerable plug-in's too. My bad, seems like superman summed it up nicely. Check his links.
|
|
#7
09-17-2013, 05:06 PM
|
|||
|
|||
|
obglobal.net
Sounds like you got very close to the same thing I got. Our entire vB software was destroyed. Basically I had to hire someone to clear out all files, reload the vB software, and then re introduce the database. And I can only thank God our database was not destroyed. You definitely have a different hacker than I had; but I went by your URL and from what you posted in here I think you are screwed just like I was. Steve
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 05:51 PM.