I don't know how you do it Steve. Was this for real? I suspect not.
Hacked by a Wanna-be...
Collapse
X
-
-
Did you look through your access_logs? That is a good way to start to see how they got it.
Have you restored a backup database from before you were hacked?
Have you reuploaded all your default files to your site?
What have you done to fix the problem?
Please don't PM or VM me for support - I only help out in the threads.
vBulletin Manual & vBulletin 4.0 Code Documentation (API)
Want help modifying your vbulletin forum? Head on over to vbulletin.org
If I post CSS and you don't know where it goes, throw it into the additional.css template.
W3Schools <- awesome site for html/css helpComment
-
There are two ways to fix this, contact your host to check the logs and summit a support ticket that gives everything they ask for. Do you try to figure out how to fix a car when you don't have any clues on how to do it. sensor problem, computer problem, wiring problem and a hundred different things while you are looking at the tires?
- No url
- no contact host
- no information for support ticket
- no asking the $200 a day hacker what he did
- no version of vBulletin
it would help if it would did any of this. Version of VB he should know, it was the last one he uploaded from his PC.Comment
-
Posts removed for insulting and quoting the insult. Please do not do this again.Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
Change CKEditor Colors to Match Style (for 4.1.4 and above)
Steve Machol Photography
Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.
👍 1Comment
-
maybe I am the only one trying to figure this out...
I give ftp access as last resort...
I was hoping at least with your experience, then you would be helpful where to start
since VB probably sees stuff like this all the time...
I renamed my /includes/ directory and the hacker page went blank...so could the
problem be in the includes directory?
Yes, I try to figure a lot of this out myself
before having to give ftp access out to anyone....
Former vBulletin Support Staff
Hacked recently? See my blog post "Recovering a Hacked vBulletin Site".
Thinking outside the box? Need modification support? Visit www.vBulletin.org and have at it!Comment
-
1) yes loco, I am not quite as dumb as i appear, my first thought was to change the index....
2) I did not mean I was trying to cure the problem by changing anything. What I am saying is when
I interrupted the /includes/ directory, the the hacker page went blank...so does this mean the source
of the hacked page is coming from within the /includes/ directory?
3) Just because he did what he did does not make him smart if that is all he could do to my site...
The forum just compliments my site, it is not the money maker, and never has been....I just have
not found what he has done, chances are, any other "hacker" would have taken advantage of the
same weakness, probably the extent of their education as a whole anyway....
4) someone said replace the index; I see nothing in the index that would indicate the hack,
if it was the index, then any common person using VB would be hacked....
5) version 4.1.2
6) I also noticed that VBSEO urls no longer work...
(htacess is missing, host may have done that, who knows...)
7) SuperMan - You guys just do not get it...this isnt about trust. I have given VB
access before, this is not a trust issue...There is life outside my hacked forum....
I have just not had time to do it yet...before this is over, they will have access....
Ill kick this over to VB before the weekend is over...
I just have a lot going on right now, and includes an upcoming major move, bla, bla, bla....
Nope, the problem is you changed the includes folder.
Just picking random folders/files to change isn't going to fix the problem.
You haven't even posted the url for us to check out...
The only solution at this point is to fill out the support ticket as suggested this morning.
Is there a reason why you don't want to hand over your url or login info to the vb staff?
They looked at 100's of forums everyday, if not 1,000's..
I agree.. it looks like the "wannabe-hackers" have done a pretty good job.
Did you at least place a blank index file in your root, or have you been broadcasting to all your members and guest that your forum has been hacked?Last edited by dsimms; Fri 10 Jun '11, 6:56pm.Comment
-
I have, but the logs are so long that I could have just as easily missed something...and the
host does not appear all that much concerned or even being helpful...my last email to them
was if they can find any IP's other then myself connecting to my account/ftp, etc...not that
it will matter that much in the end....
I have backup's 3 ways to sunday, but without finding the problem at hand, then we just reset
and wait for the next hack to come in again, then we start it all over again...nothing accomplished....
tomorrow I will reupload v4.1.2 or higher - if that does not work, then I guess it was a 3rd party mod that was hacked...
To another poster, yea, I guess I pissed off someone, now that I think about this, it wasnt even a month ago when
microsoft gave me a red flag warning for my entire site...(virus warning) it is a popup that you get when you go to
a website that warns you of a potential virus....
took 2 weeks to convince them my site wasnt a virus out to take over the world....
someone got me on that one, lost a few bucks during those two weeks....
I hate when I become the pattern....Comment
-
Appears to have been a db hack....
Right after customavatar tables is nothing but garbage/jibberish... then when it gets to the next table the code goes back to normal again...
I can tell from coding and complete garbage.....
How does someone hack the db anyway?Comment
-
Comment
-
Please don't PM or VM me for support - I only help out in the threads.
vBulletin Manual & vBulletin 4.0 Code Documentation (API)
Want help modifying your vbulletin forum? Head on over to vbulletin.org
If I post CSS and you don't know where it goes, throw it into the additional.css template.
W3Schools <- awesome site for html/css helpComment
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Comment