Register Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
  #91  
Old 19 Sep 2013, 08:19
mrdiger mrdiger is offline
 
Join Date: Sep 2010
Also found my site hacked today! (only front page, forums still works)
I run 4.1.1

Any idea what i can do to fix this?

Thanks alot!!


This is what they did, cp log:

15389 N/A 04:08, 19th Sep 2013 admincalendar.php modify 36.74.252.52
15388 N/A 04:08, 19th Sep 2013 admincalendar.php update 36.74.252.52
15387 N/A 04:07, 19th Sep 2013 admincalendar.php add 36.74.252.52
15386 N/A 04:07, 19th Sep 2013 admincalendar.php modify 36.74.252.52
15385 N/A 04:07, 19th Sep 2013 plugin.php doimport 36.74.252.52
15384 N/A 04:07, 19th Sep 2013 plugin.php files 36.74.252.52
15383 N/A 03:18, 19th Sep 2013 plugin.php 65.49.14.143
15382 N/A 03:18, 19th Sep 2013 plugin.php doimport 65.49.14.143
15381 N/A 03:18, 19th Sep 2013 plugin.php files 65.49.14.143
15392 N/A 04:08, 19th Sep 2013 faq.php insert 36.74.252.52
15391 N/A 04:08, 19th Sep 2013 faq.php add 36.74.252.52
15390 N/A 04:08, 19th Sep 2013 admincalendar.php edit calendar id = 2
  #92  
Old 19 Sep 2013, 08:53
New Joe's Avatar
New Joe New Joe is offline
 
Join Date: May 2009
Originally Posted by Paul M View Post

Maybe you should get facts right before making silly statements.

There was an e-mail .
But not till a week after vB published it over on vB com
Why did it take a week Paul for the e mail to be sent after the Thread was made on vB com?
  #93  
Old 19 Sep 2013, 09:22
loua_oz loua_oz is offline
 
Join Date: Dec 2010
I wonder if VB staff get fired for telling customers they are silly. In my company he would be history and marched out with security escort that minute.

Amateurs, should not comment, have to set some place where official comment is given.
  #94  
Old 19 Sep 2013, 09:26
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Originally Posted by xenite View Post
Sorry. It's the CONTROL PANEL LOG that will tell you anything useful. (ON EDIT: About the IP address they used.)
CP transaction log, 3 pics. N/A is his user name (or instead of it).

Last picture is when he actually disabled admin account (played a clip when trying to enter Admin) but the site was working.
Attached Images
File Type: jpg 2013hack01.jpg (40.9 KB, 17 views)
File Type: jpg 2013hack02.jpg (23.2 KB, 9 views)
File Type: jpg 2013hack03.jpg (31.4 KB, 12 views)
  #95  
Old 19 Sep 2013, 14:20
loua_oz loua_oz is offline
 
Join Date: Dec 2010
vB staff, provide some sweep that would tell your paying customers what is wrong with their sites.
Your product, easily hacked, even for fun, may have deprived some of your customers of their bread.

As it is now, you (vB) are out of business and possibly out of your jobs.
  #96  
Old 19 Sep 2013, 14:26
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Real name: Zachery Woods
You mean the giant guides that have been repeatedly posted on vBulletin.com and .org about how to find whats wrong, and fix your site?


Please read the following two blog posts:
http://www.vbulletin.com/forum/blogs...ve-been-hacked

http://www.vbulletin.com/forum/blogs...vbulletin-site

If you're actually looking for support, vBulletin.com forums, and or the members area would be the correct place to post.
__________________
Looking for ImpEx?
  #97  
Old 19 Sep 2013, 14:38
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
 
Join Date: Sep 2008
Real name: Michael Miller Jr
Originally Posted by loua_oz View Post
I wonder if VB staff get fired for telling customers they are silly. In my company he would be history and marched out with security escort that minute.

Amateurs, should not comment, have to set some place where official comment is given.
Paul is hardly an amateur and everyone is entitled to their own opinions.

Originally Posted by loua_oz View Post
vB staff, provide some sweep that would tell your paying customers what is wrong with their sites.
Your product, easily hacked, even for fun, may have deprived some of your customers of their bread.

As it is now, you (vB) are out of business and possibly out of your jobs.
I understand you're upset however this is vbulletin.org, we are simply here to assist with the modifications listed on this site not to bash on the product/company itself.

Ladies and Gentlemen, this type of stuff happens on occasion with virtually all online software at some point in it's lifetime if not multiple times and yes that includes php/apache that runs on your server and allows vBulletin, wordpress, and countless other software to run, vulnerabilities/exploits can exist on more than one level. When you're hacked it's very unfortunate and often times more than simply upsetting if data is lost however the best thing to do in a situation like that is to focus, fix your site first then worry about posting opinions - we are all entitled to them but be sure you take care of business first i.e. your site and also direct your anger accordingly .
__________________
Daddy Does Dios and Figs!
https://www.linkedin.com/in/thelastsuperman

Search - Use the search feature to find similar issues/answers.
Information - Include screenshots, copy/pasted error codes, url etc.
Fixed - Please return to your thread/post and let us know how it was fixed!
Thanks - For participating! Click the "Like" on a post if someone helped you!
  #98  
Old 19 Sep 2013, 14:38
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Originally Posted by Zachery View Post
You mean the giant guides that have been repeatedly posted on vBulletin.com and .org about how to find whats wrong, and fix your site?


Please read the following two blog posts:
http://www.vbulletin.com/forum/blogs...ve-been-hacked

http://www.vbulletin.com/forum/blogs...vbulletin-site

If you're actually looking for support, vBulletin.com forums, and or the members area would be the correct place to post.
A blatant, fundamental lack of understanding what the term "customer" means.

I don't need support, I want the product that I have bought to function properly. Not to be redirected to lessons.

I can teach you one: the biggest asset any company has are their customers. Thousands of talented people found themselves out of their jobs because there were no customers for whatever they were making.

Where is a tool that every customer of vB can run and see if they are in danger?
Providing you have any idea what the dangers could be.

Shame on you.
  #99  
Old 19 Sep 2013, 14:45
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Real name: Zachery Woods
You know what, never mind.
__________________
Looking for ImpEx?
  #100  
Old 19 Sep 2013, 14:51
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Originally Posted by TheLastSuperman View Post
Paul is hardly an amateur and everyone is entitled to their own opinions.



I understand you're upset however this is vbulletin.org, we are simply here to assist with the modifications listed on this site not to bash on the product/company itself.

Ladies and Gentlemen, this type of stuff happens on occasion with virtually all online software at some point in it's lifetime if not multiple times and yes that includes php/apache that runs on your server and allows vBulletin, wordpress, and countless other software to run, vulnerabilities/exploits can exist on more than one level. When you're hacked it's very unfortunate and often times more than simply upsetting if data is lost however the best thing to do in a situation like that is to focus, fix your site first then worry about posting opinions - we are all entitled to them but be sure you take care of business first i.e. your site and also direct your anger accordingly .
Yet another confirmation vB staff do not understand what a product means. Theirs appears to be a Mickey Mouse, any kid can hack it. As they have, are doing, and will be doing.

Make vB free and then OK.
Charge for it, you may be in court, in the dock.
  #101  
Old 19 Sep 2013, 14:52
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
 
Join Date: Sep 2008
Real name: Michael Miller Jr
Lightbulb

Originally Posted by Zachery View Post
Edited.
Removed.

Long story short if your site has been hacked please open a new thread and ask for assistance, sometimes threads such as this become quite long and confusing for some to follow and then other times we see heated debates such as the above which tend to become tiresome to those simply reading the thread to resolve an issue.

Thread closed, if you need assistance please open a new thread with:
  • Title "Site hacked please assist"
  • Site URL. *Those reading this please note to not visit the site unless you're experienced in dealing with matters such as these as your pc can possibly become infected.
  • Description of what's going on.

Our community here is very active and helpful, we'll do the best we can to assist!
__________________
Daddy Does Dios and Figs!
https://www.linkedin.com/in/thelastsuperman

Search - Use the search feature to find similar issues/answers.
Information - Include screenshots, copy/pasted error codes, url etc.
Fixed - Please return to your thread/post and let us know how it was fixed!
Thanks - For participating! Click the "Like" on a post if someone helped you!
Closed Thread



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 06:20.

Layout Options | Width: Wide Color: