Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-02-2014, 08:42 PM
sheyworth sheyworth is offline
 
Join Date: Mar 2009
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Really Big Problem

Hello everyone, my website is http://centerstagesports.com

I switched to a new host recently so we had to switch our nameservers. while the nameservers were updating, someone somehow got into the forum and when you click the forum tab it goes to a wordpress page that says knickers is cool.

If you look at whats going on, it goes to the /install directory which there isn't even a install directory in the database. This literally makes no sense for me and this is for VB 4.20 by the way. Please let me know if you have any suggestions, thanks.
Reply With Quote
  #2  
Old 02-02-2014, 10:14 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Open your includes/config.php file and below<?php add this line:

PHP Code:
 define('DISABLE_HOOKS'true); 
So it looks like this:
PHP Code:
<?php
define
('DISABLE_HOOKS'true);
/*=================================================  =====================*\
|| ##################################################  ################## ||
|| # vBulletin 4.2.2
Does the issue still persist?
Reply With Quote
Благодарность от:
RSNF
  #3  
Old 02-03-2014, 12:25 AM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by sheyworth View Post
Hello everyone, my website is http://centerstagesports.com

I switched to a new host recently so we had to switch our nameservers. while the nameservers were updating, someone somehow got into the forum
Highly unlikely.

Here's page source code, it's not any "hacking" I've ever seen.

HTML Code:
<!DOCTYPE html>
<!--[if IE 7]>
<html class="ie ie7" lang="en-US">
<![endif]-->
<!--[if IE 8]>
<html class="ie ie8" lang="en-US">
<![endif]-->
<!--[if !(IE 7) | !(IE 8)  ]><!-->
<html lang="en-US">
<!--<![endif]-->
<head>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width">
	<title>Knickers Is Cool | woooooooooooooo</title>
	<link rel="profile" href="http://gmpg.org/xfn/11">
	<link rel="pingback" href="http://www.centerstagesports.com/xmlrpc.php">
	<!--[if lt IE 9]>
	<script src="http://www.centerstagesports.com/wp-content/themes/twentythirteen/js/html5.js"></script>
	<![endif]-->
	<link rel="alternate" type="application/rss+xml" title="Knickers Is Cool &raquo; Feed" href="http://www.centerstagesports.com/?feed=rss2" />
<link rel="alternate" type="application/rss+xml" title="Knickers Is Cool &raquo; Comments Feed" href="http://www.centerstagesports.com/?feed=comments-rss2" />
<link rel='stylesheet' id='twentythirteen-fonts-css'  href='//fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext' type='text/css' media='all' />
<link rel='stylesheet' id='genericons-css'  href='http://www.centerstagesports.com/wp-content/themes/twentythirteen/fonts/genericons.css?ver=2.09' type='text/css' media='all' />
<link rel='stylesheet' id='twentythirteen-style-css'  href='http://www.centerstagesports.com/wp-content/themes/twentythirteen/style.css?ver=2013-07-18' type='text/css' media='all' />
<!--[if lt IE 9]>
<link rel='stylesheet' id='twentythirteen-ie-css'  href='http://www.centerstagesports.com/wp-content/themes/twentythirteen/css/ie.css?ver=2013-07-18' type='text/css' media='all' />
<![endif]-->
<script type='text/javascript' src='http://www.centerstagesports.com/wp-includes/js/jquery/jquery.js?ver=1.10.2'></script>
<script type='text/javascript' src='http://www.centerstagesports.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1'></script>
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://www.centerstagesports.com/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://www.centerstagesports.com/wp-includes/wlwmanifest.xml" /> 
<meta name="generator" content="WordPress 3.7.1" />
	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
	<style type="text/css" id="twentythirteen-header-css">
			.site-header {
			background: url(http://www.centerstagesports.com/wp-content/themes/twentythirteen/images/headers/circle.png) no-repeat scroll top;
			background-size: 1600px auto;
		}
			.site-title,
		.site-description {
			color: #0a0000;
		}
		</style>
	</head>

<body class="home blog single-author">
	<div id="page" class="hfeed site">
		<header id="masthead" class="site-header" role="banner">
			<a class="home-link" href="http://www.centerstagesports.com/" title="Knickers Is Cool" rel="home">
				<h1 class="site-title">Knickers Is Cool</h1>
				<h2 class="site-description">woooooooooooooo</h2>
			</a>

			<div id="navbar" class="navbar">
				<nav id="site-navigation" class="navigation main-navigation" role="navigation">
					<h3 class="menu-toggle">Menu</h3>
					<a class="screen-reader-text skip-link" href="#content" title="Skip to content">Skip to content</a>
					<div class="nav-menu"><ul><li class="page_item page-item-2"><a href="http://www.centerstagesports.com/?page_id=2">Sample Page</a></li></ul></div>
					<form role="search" method="get" class="search-form" action="http://www.centerstagesports.com/">
				<label>
					<span class="screen-reader-text">Search for:</span>
					<input type="search" class="search-field" placeholder="Search &hellip;" value="" name="s" title="Search for:" />
				</label>
				<input type="submit" class="search-submit" value="Search" />
			</form>				</nav><!-- #site-navigation -->
			</div><!-- #navbar -->
		</header><!-- #masthead -->

		<div id="main" class="site-main">

	<div id="primary" class="content-area">
		<div id="content" class="site-content" role="main">
		
										
<article id="post-13" class="post-13 post type-post status-publish format-standard hentry category-uncategorized">
	<header class="entry-header">
		
				<h1 class="entry-title">
			<a href="http://www.centerstagesports.com/?p=13" rel="bookmark">Knickers worship begins; pronk still fat</a>
		</h1>
		
		<div class="entry-meta">
			<span class="date"><a href="http://www.centerstagesports.com/?p=13" title="Permalink to Knickers worship begins; pronk still fat" rel="bookmark"><time class="entry-date" datetime="2014-02-02T16:51:26+00:00">p20142014p</time></a></span><span class="categories-links"><a href="http://www.centerstagesports.com/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a></span><span class="author vcard"><a class="url fn n" href="http://www.centerstagesports.com/?author=1" title="View all posts by Knickers" rel="author">Knickers</a></span>					</div><!-- .entry-meta -->
	</header><!-- .entry-header -->

		<div class="entry-content">
					</div><!-- .entry-content -->
	
	<footer class="entry-meta">
					<div class="comments-link">
				<a href="http://www.centerstagesports.com/?p=13#comments" title="Comment on Knickers worship begins; pronk still fat">View all 7 comments</a>			</div><!-- .comments-link -->
		
			</footer><!-- .entry-meta -->
</article><!-- #post -->
							
<article id="post-6" class="post-6 post type-post status-publish format-standard hentry category-uncategorized">
	<header class="entry-header">
		
				<h1 class="entry-title">
			<a href="http://www.centerstagesports.com/?p=6" rel="bookmark">pronk is fat</a>
		</h1>
		
		<div class="entry-meta">
			<span class="date"><a href="http://www.centerstagesports.com/?p=6" title="Permalink to pronk is fat" rel="bookmark"><time class="entry-date" datetime="2014-02-02T06:36:11+00:00">p20142014p</time></a></span><span class="categories-links"><a href="http://www.centerstagesports.com/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a></span><span class="author vcard"><a class="url fn n" href="http://www.centerstagesports.com/?author=1" title="View all posts by Knickers" rel="author">Knickers</a></span>					</div><!-- .entry-meta -->
	</header><!-- .entry-header -->

		<div class="entry-content">
		<p>he is a fat guy</p>
			</div><!-- .entry-content -->
	
	<footer class="entry-meta">
					<div class="comments-link">
				<a href="http://www.centerstagesports.com/?p=6#comments" title="Comment on pronk is fat">View all 11 comments</a>			</div><!-- .comments-link -->
		
			</footer><!-- .entry-meta -->
</article><!-- #post -->
							
<article id="post-4" class="post-4 post type-post status-publish format-standard hentry category-uncategorized">
	<header class="entry-header">
		
				<h1 class="entry-title">
			<a href="http://www.centerstagesports.com/?p=4" rel="bookmark">Knickers is your king once again</a>
		</h1>
		
		<div class="entry-meta">
			<span class="date"><a href="http://www.centerstagesports.com/?p=4" title="Permalink to Knickers is your king once again" rel="bookmark"><time class="entry-date" datetime="2014-02-02T06:34:27+00:00">p20142014p</time></a></span><span class="categories-links"><a href="http://www.centerstagesports.com/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a></span><span class="author vcard"><a class="url fn n" href="http://www.centerstagesports.com/?author=1" title="View all posts by Knickers" rel="author">Knickers</a></span>					</div><!-- .entry-meta -->
	</header><!-- .entry-header -->

		<div class="entry-content">
		<p>lol</p>
			</div><!-- .entry-content -->
	
	<footer class="entry-meta">
					<div class="comments-link">
				<a href="http://www.centerstagesports.com/?p=4#respond" title="Comment on Knickers is your king once again"><span class="leave-reply">Leave a comment</span></a>			</div><!-- .comments-link -->
		
			</footer><!-- .entry-meta -->
</article><!-- #post -->
							
<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
	<header class="entry-header">
		
				<h1 class="entry-title">
			<a href="http://www.centerstagesports.com/?p=1" rel="bookmark">Hello world!</a>
		</h1>
		
		<div class="entry-meta">
			<span class="date"><a href="http://www.centerstagesports.com/?p=1" title="Permalink to Hello world!" rel="bookmark"><time class="entry-date" datetime="2014-02-02T06:33:08+00:00">p20142014p</time></a></span><span class="categories-links"><a href="http://www.centerstagesports.com/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a></span><span class="author vcard"><a class="url fn n" href="http://www.centerstagesports.com/?author=1" title="View all posts by Knickers" rel="author">Knickers</a></span>					</div><!-- .entry-meta -->
	</header><!-- .entry-header -->

		<div class="entry-content">
		<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
			</div><!-- .entry-content -->
	
	<footer class="entry-meta">
					<div class="comments-link">
				<a href="http://www.centerstagesports.com/?p=1#comments" title="Comment on Hello world!">One comment so far</a>			</div><!-- .comments-link -->
		
			</footer><!-- .entry-meta -->
</article><!-- #post -->
			
			
		
		</div><!-- #content -->
	</div><!-- #primary -->


		</div><!-- #main -->
		<footer id="colophon" class="site-footer" role="contentinfo">
				<div id="secondary" class="sidebar-container" role="complementary">
		<div class="widget-area">
			<aside id="search-2" class="widget widget_search"><form role="search" method="get" class="search-form" action="http://www.centerstagesports.com/">
				<label>
					<span class="screen-reader-text">Search for:</span>
					<input type="search" class="search-field" placeholder="Search &hellip;" value="" name="s" title="Search for:" />
				</label>
				<input type="submit" class="search-submit" value="Search" />
			</form></aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
					<li>
				<a href="http://www.centerstagesports.com/?p=13">Knickers worship begins; pronk still fat</a>
						</li>
					<li>
				<a href="http://www.centerstagesports.com/?p=6">pronk is fat</a>
						</li>
					<li>
				<a href="http://www.centerstagesports.com/?p=4">Knickers is your king once again</a>
						</li>
					<li>
				<a href="http://www.centerstagesports.com/?p=1">Hello world!</a>
						</li>
				</ul>
		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">jfrancis on <a href="http://www.centerstagesports.com/?p=13#comment-31">Knickers worship begins; pronk still fat</a></li><li class="recentcomments">pronk48 on <a href="http://www.centerstagesports.com/?p=13#comment-30">Knickers worship begins; pronk still fat</a></li><li class="recentcomments">pronk48 on <a href="http://www.centerstagesports.com/?p=13#comment-29">Knickers worship begins; pronk still fat</a></li><li class="recentcomments">mbs on <a href="http://www.centerstagesports.com/?p=13#comment-28">Knickers worship begins; pronk still fat</a></li><li class="recentcomments">jfrancis on <a href="http://www.centerstagesports.com/?p=13#comment-27">Knickers worship begins; pronk still fat</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
			<li><a href='http://www.centerstagesports.com/?m=201402'>February 2014</a></li>
		</ul>
</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
	<li class="cat-item cat-item-1"><a href="http://www.centerstagesports.com/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
</li>
		</ul>
</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
						<li><a href="http://www.centerstagesports.com/wp-login.php">Log in</a></li>
			<li><a href="http://www.centerstagesports.com/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
			<li><a href="http://www.centerstagesports.com/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>						</ul>
</aside>		</div><!-- .widget-area -->
	</div><!-- #secondary -->

			<div class="site-info">
								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform">Proudly powered by WordPress</a>
			</div><!-- .site-info -->
		</footer><!-- #colophon -->
	</div><!-- #page -->

	<script type='text/javascript' src='http://www.centerstagesports.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=2.1.05'></script>
<script type='text/javascript' src='http://www.centerstagesports.com/wp-content/themes/twentythirteen/js/functions.js?ver=2013-07-18'></script>
</body>
</html>
<!-- Dynamic page generated in 0.123 seconds. -->
<!-- File not cached! Super Cache Couldn't write to: wp-content/cache/supercache/www.centerstagesports.com/forum/72163599752eeee3fad0237.81361760.tmp -->
Reply With Quote
  #4  
Old 02-03-2014, 12:32 AM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Right, but need to disable the plugins to see if they did it in a plugin, or in the template.
Reply With Quote
  #5  
Old 02-03-2014, 12:35 AM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ozzy47 View Post
Right, but need to disable the plugins to see if they did it in a plugin, or in the template.
I agree. Also more likely than timely "hacking."

But.

I think it is more likely the nameservers are pointing to the wrong place, than it being a "hacker." Or even more likely, this existing WP installation is being called.
Reply With Quote
Благодарность от:
ozzy47
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:33 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09933 seconds
  • Memory Usage 2,290KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_html
  • (2)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (2)post_thanks_box_bit
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (2)post_thanks_postbit
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete