Forum Hacked by Palestinian Hacker - How to Fix?

My forum has been hacked.

I had a quick look at files and can't see how it is hacked.
I am sure there is somewhere it is drawing the content for the home page to show it is hacked.

My site is http://www.businesss-forum.com

Any help greatly appreciated.

Col

 

Well.. I'm a freelancer if interested, I just need to see if the database is still intact, if they dropped it then that might be a problem.

 

Hmmm catch him at www.rf2at.com ! He is from that forum...

 

many hackers tend to leave their nub hacker site on the page, get them there and contact the host

 

I know the guys
but I am sure they did not destroy your files or anything, just they did rename your index, check your files, you will find how to fix that in few minutes. besides they are not bad guys, they do it to make you aware how to secure your site.
remember always to keep updating your CMS or forum what you are using.
Thanks

 

They're not totally bad....but its kinda like a graffiti removal company going around at night and spray painting peoples houses and then putting their graffiti removal business cards in their mailboxes. Its just a little over the top.

 

contact the hacker and pay some fees to fix the security holes on your forum.

 

delete index.php & replace with new index.php from you vbulletin..

 

check your site configuration section in your mysql database....most likely he has inserted some hacking code via sql injection if you can't see any files modified.

 

Hackers often overwrite your main index page but leave untouched the rest so reupload such page and everything will be find.

Otherwise you may receive the nasty surprise of MySQL errors and then you will need to restore your dabatase backup.

Either way, verify that your database admin users were not modified or a new one injected, in which case you need to delete them and re-add them manually to avoid future hacking attacks.

On a side note to everyone, remember that any site must be backed up on a regular basis onto your computer, files and databases included.

 

Well, this is dangerous it will make people being like bandits in the street, you pay or you can't walk away but virtually ... we will see more

 

Can something be added to the phpbb forum to stop this happening in the 1st place ???

 

things are added all the time, but hackers usually find ways to always get around it sooner or later.

 

Most forum hacks occur using the admin CP. Always protect your admin directory using htpasswd, it'll deter most (if not all) kiddy hackers.

Peace,

 

genius thought there. give that a try.

 

it's vbulletin and I am away from home right now. I am on my laptop and I don't have the backup on my drive with me.

I took a look at index.php and it has not been modified. Tried to login to admin as well and it redirects to home page...GRRRRRRRRRRRRRRR

 

http://businesss-forum.com/admincp/

That page does not redirect to homepage, it does when you login?

 

What mods did you have installed on the forum? There are some exploits involving specific mods...

 

Better to prevent. Step one, watch out for the indian coders that pump out 200 scripts a day. Their security sucks.

Look into using mod_security also.

 

omg, such a l33t ppl..
<META content="Microsoft FrontPage 12.0" name=GENERATOR>