Some idiot screwing with me.

My forum has been constantly turning on and off..... so now i receive this email

Code:

Alright f**ker..

Here's the deal. You don't want your site going down anymore? You're going to have to do 1 thing.

Give me access to your cPanel for the day. And tomorrow I'll remove my account that has all admin rights. Deal?

How I've been doing it.. hehe.. well, I have a hidden account on your database that has all admin rights. All I want to do is get in your cPanel to copy your database and I'll be on my way.

The way this works is.. you have a lot of users. You'll never find me in the 200,000something users you have. So.. therefore, you need me to give you the account I have so you can delete it. NOW.. replacing your database will not work. For I have a program on my desktop that gives me admin access to any vbulletin forum I want. You want your site safe? Well.. give me your cPanel and we'll call it even. You can change your cPanel password tomorrow.

He keeps turning it on and off how can i put an end to this!!

[Wired1]

If he was just opening and closing the forum (e.g. from the adminCP), you can just demote all mods / admins except for yourself to a normal user, double check the rights of all the member groups, and check to make sure you're the only super admin (if you are one at all).

[Amenadiel]

I'm sure he didn't had access to the admincp either, because he could run custom queries from there to get the user list.

It seems to me he got a way to upload a php file, and by adding an include('includes/config.php') he ran a script that turned the forum down. Now, If he knew what he was doing, he would have included a query in the uploaded file itself to strip the user list. Again, it's just a script kiddie.

[Marco van Herwaarden]

Just think for yourself: If you where a hacker and had software to gain access to any vBulletin board, why would i target your site, i would go for the sites that get most attention: vb.com & vb.org.

Now how come we are never target to such successfull attacks if it was possible to hack "any vBulletin board".

[Freezerator]

I would seriously reconsider your password and security policy's for staff.

[nerofix]

One little question, is your whole webspace down or only your vb board?

If its the whole site (server not reachable anymore), then your provider should update the linux software with a better kernel.
I know this kinds of scripts getting your webspace down.

[fordsho]

His Reply.

Quote:

What is their URL? And for you being a little smart** bi*ch, I'll work on cracking your cPanel anyways. I have a friend that does all sorts of shit like that and it would be nothing to f**k you up. You sound like an amateur. "you lick sswarez's A**hole while your hold it's balls"? Let me guess, you're 15? You think replacing your vBulletin will fix your problem? It didn't. I'm staring at your ftp right now. You have your shit set up all sloppy. Not too professional By the way, you can delete that chat directory. It doesn't seem to be working right, since your fag*ot a** doesn't know how to set it up.. lmao. Amateur? Yes indeed. Your site is perfect for XSS. That means Cross Site Scripting. Oh yeah. You're f**ed now.. LMFAO.

Now seriously. What's your f**king cPanel password? If I have to crack it myself, it's only going to piss me off and I'll delete EVERYTHING. F**ktard.

This guy is pissing me off... im going to have all my passes rest and then go from there.

[Boofo]

Resetting the passwords should have been one of the first things you did.

He's bluffing. Ignore him and do not respond to him. The chat remark gives him away. Most sites that have a chat on them have a chat directory. Also, if he had your FTP, you would be seeing some phantom pages by now. He's bluffing to try and get you to give in. And with language like he is using, I'm guessing he isn't 15 yet. Look there first at any staff you have had in the past.

[iogames]

Quote:

Originally Posted by fordsho

His Reply.





This guy is pissing me off... im going to have all my passes rest and then go from there.

All I can say is: he's working more your mind than your board... RELAX! and learn everybody is trying to help you here...

[sinfull]

As Iogames stated, he's playing mind games.
Don't give in, put on your poker face
Also, my pass is 40 chars long consisting of letters numbers and an alot code.
Maybe you should do the same,so you don't have to worry about some little cracking attempts.

Btw, if he does have your database already, all he has to do is crack your hash and he has your forum password. So your best off to change it.

[lasto]

how is he getting in touch with u - if its by way of emails then he is leaving a trace etc - act upon it