Announcement

Collapse
No announcement yet.

Forum keeps on getting hacked

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by Zachery
    As i said, there is no real reason to remove this, any time you want to make a new style it pulls from the style xml. None of the files there can cause any harm, even if someone had his vB.com login they couldnt run the upgrade script, it would redirect him to the admincp.
    Sorry but that made no sense and I'm not flaming you. If someone has his account info they can run the upgrade script because they can login into his admincp....

    Comment


    • #17
      Originally posted by boro_boy
      I just want to know how they are finding out my password!!!! I only changed it last week and it was random numbers and letters "34934tie4irjfgdf9gu0gd" like that but about 20 characters long.
      If they have access to your server and database then they can directly read your hashed password.

      Also did you htaccess protect your Admin and Mod CP directories like I recommended a couple of weeks ago?
      Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
      Change CKEditor Colors to Match Style (for 4.1.4 and above)

      Steve Machol Photography


      Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


      Comment


      • #18
        Sounds as though it might be possible that there is a keystroke logger on your system.

        Try running ad-aware... from lavasoft.de
        That will find all sorts of nasties for you... even if you are running McAfee!

        Then after running it..... then change your password.
        Rod

        Comment


        • #19
          Originally posted by Rod Neep

          Sounds as though it might be possible that there is a keystroke logger on your system.

          Try running ad-aware... from lavasoft.de
          That will find all sorts of nasties for you... even if you are running McAfee!

          Then after running it..... then change your password.
          Rod

          Ad-Aware is good, but it won't catch any of the really good keystroke loggers. Here's a much simpler way to exclude your machine - change your password from a different machine. One you know is secure. Or at least anonymous.

          If you don't get hacked at that point, you may wish to more seriously examine your own machine.
          echo $ocean_signature;

          ;)

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X