1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Forum Hacked by Palestinian Hacker - How to Fix?

Discussion in 'PHP' started by Cheap SEO Services, Jul 9, 2008.

  1. priyakochin

    priyakochin Banned

    Messages:
    4,742
    Likes Received:
    138
    Best Answers:
    0
    Trophy Points:
    0
    #21
    No the index.php page is modified ..........!
    just see it.

    I think they use CHMOD permission to hack your site.
    SEMrush
    Fix it soon.


    Yeah its logged into admin panel.
     
    priyakochin, Jul 10, 2008 IP
    SEMrush
  2. Brandon Sheley

    Brandon Sheley Illustrious Member

    Messages:
    9,719
    Likes Received:
    609
    Best Answers:
    2
    Trophy Points:
    420
    #22
    Brandon Sheley, Jul 10, 2008 IP
  3. Hitman_88

    Hitman_88 Guest

    Messages:
    188
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #23
    If u need any help u can contact me..:)
     
    Hitman_88, Jul 10, 2008 IP
  4. itnashvilleCOM

    itnashvilleCOM Banned

    Messages:
    176
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    0
    #24
    "Contact ====> [ at.T3eS_HaCK [at] HotMail.CoM ] ......ok"

    You should report this to hotmail and have the script kiddy's hotmail revoked.

    Moron leaving an advert with it, what a moron. There are no real hackers anymore are there?
     
    itnashvilleCOM, Jul 11, 2008 IP
  5. GWebmaster

    GWebmaster Banned

    Messages:
    1,067
    Likes Received:
    33
    Best Answers:
    0
    Trophy Points:
    0
    #25
    It's not a problem,

    Just reinstall or update again. easy :D
     
    GWebmaster, Jul 12, 2008 IP
  6. DigitalFocus

    DigitalFocus Peon

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #26
    They probably modified your template for phpBB is it the newest version of phpBB? if so its all stored in the database. Hopefully you have a backup to restore to or you have a backup of the theme you chose and you can restore it. phpBB is notoriously hackable and isn't really a good choice in forum software. But it can be secured with the right tools.
     
    DigitalFocus, Jul 12, 2008 IP
  7. Brandon Sheley

    Brandon Sheley Illustrious Member

    Messages:
    9,719
    Likes Received:
    609
    Best Answers:
    2
    Trophy Points:
    420
    #27
    I'm surprised you haven't fixed this yet?
    I couldn't go an hour with a page like that up on my sites :(


    it's not phpbb...

    Business Forum
    vBulletin 3.6.9
     
    Brandon Sheley, Jul 12, 2008 IP
  8. xpcontact

    xpcontact Member

    Messages:
    68
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    41
    #28
    I wonder why you left it as it is ?
    man just fix it... or I could help you :)
     
    xpcontact, Jul 13, 2008 IP
  9. webmaster9

    webmaster9 Banned

    Messages:
    20
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #29
    Ouch, another site hacked.

    Check all the files and the database and everything to see what they've done.
     
    webmaster9, Jul 13, 2008 IP
  10. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #30
    I replaced the index.php file....still no go...
     
    Cheap SEO Services, Jul 15, 2008 IP
  11. Semiperfectus

    Semiperfectus Peon

    Messages:
    306
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #31
    Semiperfectus, Jul 15, 2008 IP
  12. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #32
    This is really confusing. I just upgraded it to 3.7.2 and went through all the steps for this. There were about 20 stages for the upgrade. Problem still exists. I went to PHPmyadmin and checked to see if all the tables were still present and they are. Threads, posts, users etc.. it's all there...I don't know what else to check??
     
    Cheap SEO Services, Jul 15, 2008 IP
  13. Semiperfectus

    Semiperfectus Peon

    Messages:
    306
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #33
    It may help if you make a clean install. So uninstall vbulletin, and reinstall it. That's what I would do.

    Btw, I see you've done that already. I can see your forum now, but it has only 1 member. I guess you should add the "old" database again, but check it for errors first.

    -Semi
     
    Semiperfectus, Jul 16, 2008 IP
  14. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #34
    I used the old database and the hacked thing appears...so it looks like something is in that database causing it.
     
    Cheap SEO Services, Jul 16, 2008 IP
  15. Semiperfectus

    Semiperfectus Peon

    Messages:
    306
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #35
    Ok, well yeah then it's something in the database causing it. Have you found the problem already? Try searching for the terms that were on the "hacked" page.

    -Semi
     
    Semiperfectus, Jul 18, 2008 IP
  16. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #36
    I did that and it came up with nothing in the results.

     
    Cheap SEO Services, Jul 18, 2008 IP
  17. Semiperfectus

    Semiperfectus Peon

    Messages:
    306
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #37
    Oh too bad. You need to find out what part of the database vbulletin is pulling data from when you open up the forum. I'm not an expert at this, but I'll do some searching on the net.

    PS: To prevent exploit abuse in the future, try finding a way to remove the:

    at the bottom of the forum.

    Hackers use these to find forums they can hack. The just check google with the phrase: Powered by vBulletin® Version 3.7.2, and they get loads of these forums that are vulnerable when there's an exploit for that version.

    Btw, I found this on the vbulletin forum: http://www.vbulletin.com/forum/showthread.php?p=1596176.

    Anyways, goodluck with solving this problem.

    Greets,

    -Semi
     
    Semiperfectus, Jul 18, 2008 IP
  18. Brandon Sheley

    Brandon Sheley Illustrious Member

    Messages:
    9,719
    Likes Received:
    609
    Best Answers:
    2
    Trophy Points:
    420
    #38
    search the database or phrases, it has to be there somewhere ;)
     
    Brandon Sheley, Jul 18, 2008 IP
  19. tgkprog

    tgkprog Peon

    Messages:
    28
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #39
    check if the .htaccess file has been modified - to redirect all hits to another page that can be a way to subvert changes to index.php or index.html ...
     
    tgkprog, Jul 18, 2008 IP
  20. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    Messages:
    16,670
    Likes Received:
    1,318
    Best Answers:
    0
    Trophy Points:
    0
    #40
    Nowhere in the database. I noticed there is a javascript snippet on the hack page.

    I checked .htaccess and all is good there too.

    I ended up installing from scratch...Now I need to work out how to copy tables from one database to another.
     
    Cheap SEO Services, Jul 18, 2008 IP