I've been hacked, mass code injection

Deverill

Senior Member

Join Date: Jan 2011

Posts: 305

vBulletin Version: 4.1.x
Share

Tweet
#1

[CMS] I've been hacked, mass code injection

Sun 7 Oct '12, 10:07pm

I am on the latest stable version of vb4 and have been hacked.

Every webpage I visit presents something similiar to - Parse error: syntax error, unexpected '<' in /home/midwife/public_html/activity.php on line 91

This piece of code has been added to the end of every web page -

PHP Code:

<?php if ($_GET["x"] == "lul") { /*code*/; } ?>

Now what do I do? There are hundreds of files, lots customised too!
Tags: None
Hartmut

Senior Member

Join Date: Nov 2007

Posts: 2870

vBulletin Version: 4.2.x
Share

Tweet
#2

Mon 8 Oct '12, 1:11am

First of all: Change all your passwords and get in touch with your hoster to find out about how you got hacked.

Then: Download the vBulletin package again and upload all the files once more by overwriting in ASCII mode. Disable all plugins and products and see what happens. Does vB run again without error messages?

No private support, only PM me when I ask for it. Support in the forums only.
Comment

vBulletin 4 End of Life