HaCKed By Red-D3v1L [email protected]

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • steven s
    Senior Member
    • Jul 2004
    • 3722
    • 3.8.x

    #16
    Originally posted by joyboy2001
    Thanks guys. I apologize once again for being a pain because I got very emotional about the whole thing.
    It's easy to get emotional over being hacked, but as DutchTreat said, it may have been somewhere else on the server. From what I understand, if you are on a shared server, hackers can gain access through another site.

    Be sure to use different and difficult passwords everywhere.
    My root password is different from all of my database passwords.
    I use http://strongpasswordgenerator.com/ and http://paulding.net/password.html to create passwords.
    ...steven
    www.318ti.org (vB3.8) | www.nccbmwcca.org (vB4.2)
    bmwcca.org/forum | m135i.net
    "I tried to clean this up but this thread is beyond redemption." - Steve Machol

    Comment

    • joyboy2001
      Member
      • Nov 2008
      • 38
      • 4.2.x

      #17
      I don't believe this

      My website got hacked once again ... This time by a different hacker ...

      This is unbelieveable !!

      I love vBulletin but this is too much ... everytime it's the forum that gets hacked and other pages remain untouched ... I even changed passwords and put in the security precautions given on this site ... This has got to be a security flaw with vBulletin !!

      Comment

      • Biker
        Senior Member
        • Oct 2003
        • 1261
        • 4.0.0

        #18
        Horse pucky... VB is extremely secure. But it's only as secure as the server it's hosted on.
        I drank WHAT?! - Socrates

        Comment

        • Shamil.
          Senior Member
          • Feb 2008
          • 4755
          • 4.2.X

          #19
          Did you secure your forum properly as per the given instructions? Additionally, can you ask your host to make your server secure, and then use very stringent and strong passwords everywhere, including the mysql database password.

          If you are on a shared hosting package, it might be worth to look elsewhere becuase the problem might be with another script on the server.
          Shamil Nunhuck, - Radon Systems Ltd.
          VPS + Dedicated Server Hosting and Management
          vBulletin Hosting and Services
          Server / Website Consultation

          Comment

          • MGSteve
            Senior Member
            • Sep 2002
            • 192

            #20
            We've used VB since around 2003 and I can count on two fingers(!) the times we've been hacked. Once was through a flaw in Photohost, so not even VB and another was due to the problems caused by members having the same password as their username. Yes, some people are still that stupid. I'd like to think that the fuss I kicked up over that caused the change soon after where VB added a check for such passwords. Whether it was down to that I don't know, but hey, I'm just glad they added it.

            As such, you need to a) look at all the scripts on the same server, if its a shared server that could be any script on any website hosted on that server. VB as a whole is pretty secure, but as others have said, not much use if the server as a whole is insecure.
            Regards

            Steve.
            www.mg-rover.org - Forum for MG and Rover owners everywhere!
            85k users and 4million posts & growing.

            Comment

            • joyboy2001
              Member
              • Nov 2008
              • 38
              • 4.2.x

              #21
              I have asked the server guys to move my account to another server even in it's current hacked state. Please let me know how I should proceed next.

              vBulletin staff was very helpful the last time such a thing happened. I hope they can help me this time as well.

              The URL to the forum is http://revlimit.co.in/forum

              Comment

              • peterska2
                Senior Member
                • Oct 2003
                • 8869
                • 3.7.x

                #22
                To troubleshoot this, first reupload all the original vB non-image files (except install.php). Make sure you upload these in ASCII format and overwrite the ones on the server. Also be sure to upload the admincp files to whichever directory you have set in your config.php file. Then run 'Suspect File Versions' in Diagnostics to make sure you have all the original files for your version and that none show 'File does not contain expected contents':

                Admin CP -> Maintenance -> Diagnostics -> Suspect File Versions

                [Note: In some cases you may also need to remove any of the listed .xml files in the includes/xml directory.]

                Next, disable all plugins.

                Note: To temporarily disable the plugin system, edit config.php and add this line right under <?php

                define('DISABLE_HOOKS', true);

                Then if you still have this problem, create a new style and choose no parent style. This will force it to use the default templates. Finally empty your browser cache, close all browser windows then try again. Make sure you change to the new style and view your forums with it.

                Do you have the same problem?

                Also, see this thread:

                Comment

                • Bounce
                  Senior Member
                  • Feb 2005
                  • 640
                  • 4.2.x

                  #23
                  The pirate image comes from http://www.m5zn.com/ but you prob know that

                  They could have just used that image from that site thou..?

                  Registrant:
                  M5zn
                  PO Box16003
                  Jeddah, 21464
                  Saudi Arabia

                  Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
                  Domain Name: M5ZN.COM
                  Created on: 06-Apr-06
                  Expires on: 06-Apr-10
                  Last Updated on: 28-Nov-08

                  Administrative Contact:
                  Almalki, Mohammed [email protected]
                  M5zn
                  PO Box16003
                  Jeddah, 21464
                  Saudi Arabia
                  500039986

                  Technical Contact:
                  Almalki, Mohammed [email protected]
                  M5zn
                  PO Box16003
                  Jeddah, 21464
                  Saudi Arabia
                  500039986

                  Domain servers in listed order:
                  NS1.M5ZN.COM
                  NS2.M5ZN.COM

                  Comment

                  • Shamil.
                    Senior Member
                    • Feb 2008
                    • 4755
                    • 4.2.X

                    #24
                    Originally posted by Bounce
                    The pirate image comes from http://www.m5zn.com/ but you prob know that

                    They could have just used that image from that site thou..?

                    Registrant:
                    M5zn
                    PO Box16003
                    Jeddah, 21464
                    Saudi Arabia

                    Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
                    Domain Name: M5ZN.COM
                    Created on: 06-Apr-06
                    Expires on: 06-Apr-10
                    Last Updated on: 28-Nov-08

                    Administrative Contact:
                    Almalki, Mohammed [email protected]
                    M5zn
                    PO Box16003
                    Jeddah, 21464
                    Saudi Arabia
                    500039986

                    Technical Contact:
                    Almalki, Mohammed [email protected]
                    M5zn
                    PO Box16003
                    Jeddah, 21464
                    Saudi Arabia
                    500039986

                    Domain servers in listed order:
                    NS1.M5ZN.COM
                    NS2.M5ZN.COM
                    More likely that they did use an image from there. When I hack a site, I try to leave no traces.
                    Shamil Nunhuck, - Radon Systems Ltd.
                    VPS + Dedicated Server Hosting and Management
                    vBulletin Hosting and Services
                    Server / Website Consultation

                    Comment

                    • joyboy2001
                      Member
                      • Nov 2008
                      • 38
                      • 4.2.x

                      #25
                      vBulletin team saves the day once again

                      Comment

                      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                      Working...