HELP, I just got HACKED!

What can I do guys? I just got hacked and my everyone who has an account to the admin control panel had their account deleted!!! What can I do to get back in and fix it. Some of the info on the board does not need to be open to the public.

[ptbyjason]

Ok, I have everything moved to a new directory now. Here is what happened.

Somehow the guy was able to register under the account "admin" (supposed to be restricted). I suspended (suspended category allows PMs but no posting) the account and told him by PM to register under a new name in order to not confuse members. Then I decided to just delete the account because I noticed that he modified the board to expose one of the hidden forums and changed the board to say, check out our New Vet Board (suppose to be hidden). So in other words he gained access to the admin panel.

He then registered another account named admin. I kept banning it until he got up to a total of 4 accounts named admin. After that happened he deleted my account.

I tried to access the other accounts that I gave admin access to while all of this was going on (I was thinking ahead) but he deleted them too. He then deleted all of my mods who had access to the admin panel.

I run 2.03 and I have no idea what to do now. I didn't think anyone was able to register under the account admin, I didn't think you could give yourself access to the admin panel, and I didn't think you could remove the account of the original administrator. Someone please contact me ASAP and let me know what to do next.

[ptbyjason]

Is there anything I can do where I can alter the PHP to give myself access to the board again? I still have access to that. Anything you can do to help me will be greatly appreciated.

[Reeve of shinra]

****, that sux

first, make sure you do NOT have the retrieve admin password file loaded. Its the one that is included in the tools folder in the initial zip.

second, check the permissions for all your user groups to ensure that there arent any extra's - or current ones - with admin like power.

should do the trick ... should ...

[ptbyjason]

how do I get into the admin panel now?

[ptbyjason]

Quote:

Originally posted by Reeve of shinra
first, make sure you do NOT have the retrieve admin password file loaded. Its the one that is included in the tools folder in the initial zip.

second, check the permissions for all your user groups to ensure that there arent any extra's - or current ones - with admin like power.

1st. Do you know the exact file name of it? I cannot find it in there. I was not the original installer of our vbulletin, but I can see all of the files in our folders.

2nd. They could have easily given one user access to the admin control panel without me knowing, right?

I wish I had done that instead of changing my other accounts to administrators. It would have been better hidden.

[TECK]

i'm working on a script to let you gain access to your admin panel.. and also in a procedure to make it secured.. stay put.. i'm testing it right now

[TECK]

let me know if you have control over your web account.
i secured my vb panel so nobody can have access. even if you are admin, you cannot delete the original admin or edit any admins the original admin dont want you to..

[ptbyjason]

I do not have control over the web accounts, they have been deleted, but I have no idea how that was possible.

Thank you for the help

[TECK]

you cannot access your host anymore??????
then you must contact your web provider to assign you a new password.

about vb.. dont worry about, this can be easily bypassed, even if the hacker blocked your account. what i need to know is if you can upload files to your web folder using an ftp client