Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Member Archives
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Details »»

Version: , by ptbyjason ptbyjason is offline
Developer Last Online: Jan 2010 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 02-23-2002 Last Update: Never Installs: 0
 
No support by the author.

What can I do guys? I just got hacked and my everyone who has an account to the admin control panel had their account deleted!!! What can I do to get back in and fix it. Some of the info on the board does not need to be open to the public.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 02-23-2002, 12:40 AM
ptbyjason's Avatar
ptbyjason ptbyjason is offline
 
Join Date: Dec 2001
Location: TX
Posts: 116
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok, I have everything moved to a new directory now. Here is what happened.

Somehow the guy was able to register under the account "admin" (supposed to be restricted). I suspended (suspended category allows PMs but no posting) the account and told him by PM to register under a new name in order to not confuse members. Then I decided to just delete the account because I noticed that he modified the board to expose one of the hidden forums and changed the board to say, check out our New Vet Board (suppose to be hidden). So in other words he gained access to the admin panel.

He then registered another account named admin. I kept banning it until he got up to a total of 4 accounts named admin. After that happened he deleted my account.

I tried to access the other accounts that I gave admin access to while all of this was going on (I was thinking ahead) but he deleted them too. He then deleted all of my mods who had access to the admin panel.

I run 2.03 and I have no idea what to do now. I didn't think anyone was able to register under the account admin, I didn't think you could give yourself access to the admin panel, and I didn't think you could remove the account of the original administrator. Someone please contact me ASAP and let me know what to do next.
Reply With Quote
  #3  
Old 02-23-2002, 12:58 AM
ptbyjason's Avatar
ptbyjason ptbyjason is offline
 
Join Date: Dec 2001
Location: TX
Posts: 116
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is there anything I can do where I can alter the PHP to give myself access to the board again? I still have access to that. Anything you can do to help me will be greatly appreciated.
Reply With Quote
  #4  
Old 02-23-2002, 01:01 AM
Reeve of shinra's Avatar
Reeve of shinra Reeve of shinra is offline
 
Join Date: Oct 2001
Location: NYC
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

****, that sux

first, make sure you do NOT have the retrieve admin password file loaded. Its the one that is included in the tools folder in the initial zip.

second, check the permissions for all your user groups to ensure that there arent any extra's - or current ones - with admin like power.

should do the trick ... should ...
Reply With Quote
  #5  
Old 02-23-2002, 01:07 AM
ptbyjason's Avatar
ptbyjason ptbyjason is offline
 
Join Date: Dec 2001
Location: TX
Posts: 116
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

how do I get into the admin panel now?
Reply With Quote
  #6  
Old 02-23-2002, 01:20 AM
ptbyjason's Avatar
ptbyjason ptbyjason is offline
 
Join Date: Dec 2001
Location: TX
Posts: 116
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Reeve of shinra
first, make sure you do NOT have the retrieve admin password file loaded. Its the one that is included in the tools folder in the initial zip.

second, check the permissions for all your user groups to ensure that there arent any extra's - or current ones - with admin like power.

1st. Do you know the exact file name of it? I cannot find it in there. I was not the original installer of our vbulletin, but I can see all of the files in our folders.

2nd. They could have easily given one user access to the admin control panel without me knowing, right?

I wish I had done that instead of changing my other accounts to administrators. It would have been better hidden.
Reply With Quote
  #7  
Old 02-23-2002, 01:39 AM
TECK's Avatar
TECK TECK is offline
 
Join Date: Nov 2001
Location: Canada
Posts: 4,182
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i'm working on a script to let you gain access to your admin panel.. and also in a procedure to make it secured.. stay put.. i'm testing it right now
Reply With Quote
  #8  
Old 02-23-2002, 01:40 AM
TECK's Avatar
TECK TECK is offline
 
Join Date: Nov 2001
Location: Canada
Posts: 4,182
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

let me know if you have control over your web account.
i secured my vb panel so nobody can have access. even if you are admin, you cannot delete the original admin or edit any admins the original admin dont want you to..
Reply With Quote
  #9  
Old 02-23-2002, 01:56 AM
ptbyjason's Avatar
ptbyjason ptbyjason is offline
 
Join Date: Dec 2001
Location: TX
Posts: 116
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I do not have control over the web accounts, they have been deleted, but I have no idea how that was possible.

Thank you for the help
Reply With Quote
  #10  
Old 02-23-2002, 01:57 AM
TECK's Avatar
TECK TECK is offline
 
Join Date: Nov 2001
Location: Canada
Posts: 4,182
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

you cannot access your host anymore??????
then you must contact your web provider to assign you a new password.

about vb.. dont worry about, this can be easily bypassed, even if the hacker blocked your account. what i need to know is if you can upload files to your web folder using an ftp client
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:16 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04851 seconds
  • Memory Usage 2,288KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete