Preventative - How to avoid being Hacked by TeamPS i.e. p0wersurge

[ReFuZe]

lolz that doesnt secure you at all it only secures the admincp but not that good theres tools for it I know becuase ive seen people do it and i had it all you need is a good hosting with alot of security cloudflare htaccess and no vuln and all that thats how you get secured

[TheLastSuperman]

Quote:

Originally Posted by ReFuZe

lolz that doesnt secure you at all it only secures the admincp but not that good theres tools for it I know becuase ive seen people do it and i had it all you need is a good hosting with alot of security cloudflare htaccess and no vuln and all that thats how you get secured

I've never understood posts like the one above ^ - Not trying to be rude but either post "How-To" or don't post comments like that at all in my threads please, anywhere else go ahead however imo it does help if the one gaining access to your site knows nothing more than the context of the tutorial or video he/she is viewing correct? Case in point.

Your exactly right though, there's other ways that are much better however in my initial post above I clearly stated:

Quote:

what I aim to do is make a quick post letting you know a few simple tips

Pay attention and read between the lines so your not presented with a response like this in the future, everyone should be well prepared .

[socialteenz]

Great article. You are definitely a superman.

[CharlieDelta]

Quote:

Originally Posted by socialteenz

Great article. You are definitely a superman.

No he is not....he is the LAST SUPERMAN!!

Thank you for this article. :up:

[ReFuZe]

Check my Article out that secures your site from Shells. plus Im working a tool that scans and when finds shells it removes them me and relevant are doing it so once its done it will be out to public but in the mean time use my article look at my threads

--------------- Added [DATE]1324909616[/DATE] at [TIME]1324909616[/TIME] ---------------

Im a pro hacker and a pro secure I know alot of basic but vb4.1.9 had too many LFI and RFI docks in them so thats why they are easir plus thats why I made my thread on how to block shells ill make a tut later


Sorry for my grammer just woke up

[JimxJNM]

Quote:

Originally Posted by ReFuZe

Check my Article out that secures your site from Shells. plus Im working a tool that scans and when finds shells it removes them me and relevant are doing it so once its done it will be out to public but in the mean time use my article look at my threads

--------------- Added [DATE]1324909616[/DATE] at [TIME]1324909616[/TIME] ---------------

Im a pro hacker and a pro secure I know alot of basic but vb4.1.9 had too many LFI and RFI docks in them so thats why they are easir plus thats why I made my thread on how to block shells ill make a tut later


Sorry for my grammer just woke up

Basically vBulletin websites doesn't have RFI / LFI Injections... In based the files aren't supporting these kind of LFI or RFI injections... Just letting you know

[ReFuZe]

Yeah I know, I thought they where. Tm currently working on my tool to prevent hacking and shells. It might be possible but my other coder said it will take time.

[Eslob]

the best method is to encypt the config.php & class_core.php.

and keep a backup on ur pc.

and disable html in posts.

and change the path for config.php & change admincp folder to other and keeping the old name as an ambush.

[Angel-Wings]

Quote:

Originally Posted by Eslob

the best method is to encypt the config.php & class_core.php.

Sorry but someone who could access your server to have read rights for config.php (meaning the code) would have no problems with a simple copy & paste and then decode everything.

One thing to add maybe - if the site got defaced then the usual way would be to do a complete reinstall. Just copying in backups would also copy the security issue again someone used for the defacement.