1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Forum Hacked by Palestinian Hacker - How to Fix?

Discussion in 'PHP' started by Cheap SEO Services, Jul 9, 2008.

  1. #1
    My forum has been hacked.

    I had a quick look at files and can't see how it is hacked.
    I am sure there is somewhere it is drawing the content for the home page to show it is hacked.

    My site is http://www.businesss-forum.com

    Any help greatly appreciated.
    SEMrush
    Col :)
     
    Cheap SEO Services, Jul 9, 2008 IP
    SEMrush
  2. Mozzart

    Mozzart Peon

    Messages:
    189
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Well.. I'm a freelancer if interested, I just need to see if the database is still intact, if they dropped it then that might be a problem.
     
    Mozzart, Jul 9, 2008 IP
  3. SOULZRIPPER

    SOULZRIPPER Well-Known Member

    Messages:
    2,382
    Likes Received:
    39
    Best Answers:
    0
    Trophy Points:
    115
    #3
    SOULZRIPPER, Jul 9, 2008 IP
  4. gjvblack

    gjvblack Active Member

    Messages:
    338
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    58
    #4
    many hackers tend to leave their nub hacker site on the page, get them there and contact the host :)
     
    gjvblack, Jul 9, 2008 IP
  5. xpcontact

    xpcontact Member

    Messages:
    68
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    41
    #5
    I know the guys ;)
    but I am sure they did not destroy your files or anything, just they did rename your index, check your files, you will find how to fix that in few minutes. besides they are not bad guys, they do it to make you aware how to secure your site.
    remember always to keep updating your CMS or forum what you are using.
    Thanks
     
    xpcontact, Jul 10, 2008 IP
  6. JLEville

    JLEville Peon

    Messages:
    147
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    They're not totally bad....but its kinda like a graffiti removal company going around at night and spray painting peoples houses and then putting their graffiti removal business cards in their mailboxes. Its just a little over the top.
     
    JLEville, Jul 10, 2008 IP
  7. 2slick

    2slick Peon

    Messages:
    73
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #7
    contact the hacker and pay some fees to fix the security holes on your forum.
     
    2slick, Jul 10, 2008 IP
  8. LanZord

    LanZord Peon

    Messages:
    324
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #8
    delete index.php & replace with new index.php from you vbulletin..
     
    LanZord, Jul 10, 2008 IP
  9. nQQb

    nQQb Active Member

    Messages:
    332
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    60
    #9
    check your site configuration section in your mysql database....most likely he has inserted some hacking code via sql injection if you can't see any files modified.
     
    nQQb, Jul 10, 2008 IP
  10. Trusted Writer

    Trusted Writer Banned

    Messages:
    1,370
    Likes Received:
    52
    Best Answers:
    0
    Trophy Points:
    160
    #10
    Hackers often overwrite your main index page but leave untouched the rest so reupload such page and everything will be find.

    Otherwise you may receive the nasty surprise of MySQL errors and then you will need to restore your dabatase backup.

    Either way, verify that your database admin users were not modified or a new one injected, in which case you need to delete them and re-add them manually to avoid future hacking attacks.

    On a side note to everyone, remember that any site must be backed up on a regular basis onto your computer, files and databases included.
     
    Trusted Writer, Jul 10, 2008 IP
  11. xpcontact

    xpcontact Member

    Messages:
    68
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    41
    #11
    Well, this is dangerous :) it will make people being like bandits in the street, you pay or you can't walk away :( but virtually ... we will see more ;)
     
    xpcontact, Jul 10, 2008 IP
  12. Mega B

    Mega B Well-Known Member

    Messages:
    3,454
    Likes Received:
    66
    Best Answers:
    1
    Trophy Points:
    190
    #12
    Can something be added to the phpbb forum to stop this happening in the 1st place ???
     
    Mega B, Jul 10, 2008 IP
  13. bigidea_guy

    bigidea_guy Banned

    Messages:
    518
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #13
    things are added all the time, but hackers usually find ways to always get around it sooner or later.
     
    bigidea_guy, Jul 10, 2008 IP
  14. Barti1987

    Barti1987 Well-Known Member

    Messages:
    2,703
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    185
    #14
    Most forum hacks occur using the admin CP. Always protect your admin directory using htpasswd, it'll deter most (if not all) kiddy hackers.

    Peace,
     
    Barti1987, Jul 10, 2008 IP
  15. steventruman

    steventruman Banned

    Messages:
    387
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #15
    genius thought there. give that a try.
     
    steventruman, Jul 10, 2008 IP
  16. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #16
    it's vbulletin and I am away from home right now. I am on my laptop and I don't have the backup on my drive with me.

    I took a look at index.php and it has not been modified. Tried to login to admin as well and it redirects to home page...GRRRRRRRRRRRRRRR
     
    Cheap SEO Services, Jul 10, 2008 IP
  17. SOULZRIPPER

    SOULZRIPPER Well-Known Member

    Messages:
    2,382
    Likes Received:
    39
    Best Answers:
    0
    Trophy Points:
    115
    #17
    SOULZRIPPER, Jul 10, 2008 IP
  18. JLEville

    JLEville Peon

    Messages:
    147
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #18
    What mods did you have installed on the forum? There are some exploits involving specific mods...
     
    JLEville, Jul 10, 2008 IP
  19. itnashvilleCOM

    itnashvilleCOM Banned

    Messages:
    176
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    0
    #19
    Better to prevent. Step one, watch out for the indian coders that pump out 200 scripts a day. Their security sucks.

    Look into using mod_security also.
     
    itnashvilleCOM, Jul 10, 2008 IP
  20. e521

    e521 Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #20
    omg, such a l33t ppl..
    <META content="Microsoft FrontPage 12.0" name=GENERATOR>
     
    e521, Jul 10, 2008 IP