The Arcive of Official vBulletin Modifications Site.

n95gps · #1 10-17-2008, 10:53 PM

hi guys

i took the e-mail of the hacker from the index he put in mu site

and i chated with him via MSN

anyhow

i asked him why did you do it
he said for fun

so i said i need you to help me here

he said the way i hacked your site is like this

your host

host monster

is a week host

also he said

that he knew my DB by using

class_core.php

he said it gave him everything about the DB

he also told me to do the following

he said use

Zend safeguard to protect your config file

he also told me to change the config file to an image

i know the zend way but how can i change the config to an image

also he mentioned something about giving the forum folder CHMD 1111

you guys for sure know better than i do

do you think he is telling the truth

i told him that i have a domy config file and i am using an alternative one with a diff name
he told me he know about it

i am waiting for your replies

Shazz · #2 10-18-2008, 01:35 AM

How did he hack it? When you were speaking of hosts it seemed like DDos.
Link to your site?

hantousha · #3 10-18-2008, 02:14 AM

I also use hostmonster, and my site in the past 3 days has been hacked. I determined the hacker was able to access the database without submitting a query via the Forum files. He is still lurking and making fun of my inability to secure the site nomatter what i do.

#4 10-18-2008, 03:00 AM

actually, the hacker will never help you.. the technique he indicates here is just to help him integrate your site even more...

when you see the murderer of your parents, do you ask him if he can revive your parents ?!

change your host for a more secure one... yeah, you will have to pay for a host... sorry.

Shazz · #5 10-18-2008, 03:58 AM

If your on free hosting you would wonder why!

Lizard King · #6 10-18-2008, 04:38 AM

If you really want to protect yourself , move your config.php file to one of root folders such as /etc/vb so only root can modify it.

Marco van Herwaarden · #7 10-18-2008, 08:28 AM

that would still ot prevent anyone with server access (!!!) to read the config file. The only solution in this case is to have your host increase security or switch hosts.

Netunt · #8 10-18-2008, 08:33 AM

Ok, mods delete then link if it against the rules but I've got two vBulletin licenses on hawkhost.com and haven't been hacked yet.

therogueforums · #9 10-18-2008, 09:35 AM

Well, if it's the same asshat that has been hacking my site, it's through SQL injection. I also use HostMonster.

a 1111 setting is... well... no. Just don't do it.

At any rate, any known method to prevent this clown from hitting again? All 3 times, it's been through SQL injection, bypassing all security, as if it didn't even exist. It's not a member, and the access logs seem to indicate the guy is from Israel. Halp?

Marco van Herwaarden · #10 10-18-2008, 09:48 AM

As already mentioned, if the security of your host is below normal, then there is not much you can do.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04668 seconds Memory Usage 2,242KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (10)postbit (9)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!