View Single Post
Old 16 Sep 2020, 17:28
Hostboard's Avatar
Hostboard Hostboard is offline
Join Date: May 2002
Real name: Steven
Sorry, you had mentioned v4.2.5 Alpha 3 That is a pre-beta release and as noted 4.2.5 was publicly released as the final version in the 4 series. Please make sure you are running 4.2.5

This can be tricky as the attacker could have uploaded/placed a back door file.

I would re-upload ALL core files
Reupload ALL plugin files and make sure you have their latest releases..
I would do a folder by folder comparison of ALL files making sure they are all valid and a backdoor file is not hiding.
Change your FTP password as well as any other accounts that would have this level of access.
Change ALL admin passwords of the VB site.
Check the file/folder permissions based on the recommendations by VB.

vBulletin also has a tool to help identify out of date files:
ACP > Plugins & Products > Check ALL versions.

Time stamps are easily manipulated and you should not rely on them:
Running custom version of vBulletin based on v4.2.5
PHP 7.4.14 :: MariaDB 10.5.8
Reply With Quote