Announcement

Collapse
No announcement yet.

Is there a service to check files to see if i got hacked?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wayne Luke
    replied
    /core/includes/config.php will contain the mysql password that vBulletin uses.

    Leave a comment:


  • Raykai
    replied
    Originally posted by Mark.B View Post
    The first thing you should do is remove any files that are listed as unrecognised, unless they are ones you have put there yourself.

    Then you should change your database, ftp and vBulletin administrator passwords.

    If you are not already running vBulletin 5.6.3, you should immediately carry out a full upgrade to that version.
    where is the config file to change the MSQL password?

    Leave a comment:


  • Mohammed Abu Risha
    replied
    If you have a clean backup forums, you have to clean the entire website then restore the backup and upgrade it immediately.

    The malicious file could have caused your website to be blacklistet by search engines so you will need to check for this then resubmit your website. Scan your website through succuri.net and see.

    Leave a comment:


  • Mark.B
    replied
    The first thing you should do is remove any files that are listed as unrecognised, unless they are ones you have put there yourself.

    Then you should change your database, ftp and vBulletin administrator passwords.

    If you are not already running vBulletin 5.6.3, you should immediately carry out a full upgrade to that version.

    Leave a comment:


  • Is there a service to check files to see if i got hacked?

    Is there a service to check files to see if i got hacked?

    I see that I have some new files that where modified when my forum was in offline mode...files like:
    /jkauvaecvu.php, /edfqrfhpzr.php, /wfhrrvigoq.php, /zvdmhiqpkn.php (oV4,Download=>anonymousfox.com\n";$code=$_GET["php"];if(empty($code) or!strist...) and /grqlvhscwb.php

    How can I clean my forum? I was about to do the new update but looks like I got hacked. I don't know if it was from the new vBulletin 0-Day RCE CVE-2019-16759.

    ok i found the diagnostics tool:

    Click image for larger version

Name:	image_76947.png
Views:	102
Size:	26.2 KB
ID:	4446749
    ​​​​​​​
    What is the best action to do?
    Attached Files
    Last edited by Raykai; Wed 2 Sep '20, 7:22pm.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X