Announcement

Collapse
No announcement yet.

Forum keeps on getting hacked

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ocean
    replied
    Originally posted by Rod Neep

    Sounds as though it might be possible that there is a keystroke logger on your system.

    Try running ad-aware... from lavasoft.de
    That will find all sorts of nasties for you... even if you are running McAfee!

    Then after running it..... then change your password.
    Rod

    Ad-Aware is good, but it won't catch any of the really good keystroke loggers. Here's a much simpler way to exclude your machine - change your password from a different machine. One you know is secure. Or at least anonymous.

    If you don't get hacked at that point, you may wish to more seriously examine your own machine.

    Leave a comment:


  • Rod Neep
    replied
    Sounds as though it might be possible that there is a keystroke logger on your system.

    Try running ad-aware... from lavasoft.de
    That will find all sorts of nasties for you... even if you are running McAfee!

    Then after running it..... then change your password.
    Rod

    Leave a comment:


  • Steve Machol
    replied
    Originally posted by boro_boy
    I just want to know how they are finding out my password!!!! I only changed it last week and it was random numbers and letters "34934tie4irjfgdf9gu0gd" like that but about 20 characters long.
    If they have access to your server and database then they can directly read your hashed password.

    Also did you htaccess protect your Admin and Mod CP directories like I recommended a couple of weeks ago?

    Leave a comment:


  • Dark_Wizard
    replied
    Originally posted by Zachery
    As i said, there is no real reason to remove this, any time you want to make a new style it pulls from the style xml. None of the files there can cause any harm, even if someone had his vB.com login they couldnt run the upgrade script, it would redirect him to the admincp.
    Sorry but that made no sense and I'm not flaming you. If someone has his account info they can run the upgrade script because they can login into his admincp....

    Leave a comment:


  • boro_boy
    replied
    I just want to know how they are finding out my password!!!! I only changed it last week and it was random numbers and letters "34934tie4irjfgdf9gu0gd" like that but about 20 characters long. I know the ip of the person who done it but the past 2 times they have been done via an anonymous ip.

    Leave a comment:


  • Zachery
    replied
    As i said, there is no real reason to remove this, any time you want to make a new style it pulls from the style xml. None of the files there can cause any harm, even if someone had his vB.com login they couldnt run the upgrade script, it would redirect him to the admincp.

    Leave a comment:


  • Dark_Wizard
    replied
    Originally posted by Zachery
    No, you should LEAVE the install folder alone and only delete the install file, you cannot do anything harmfull, let alone run any of the files without your vBulletin.com members area login, as well as you NEED the xml files that are kept in there.
    ????

    You don't need the xml files and if there is a time that you would require them then you just upload them again...also his login maybe compromised hence the removal of the install directory.

    Leave a comment:


  • boro_boy
    replied
    Originally posted by Zachery
    No, you should LEAVE the install folder alone and only delete the install file, you cannot do anything harmfull, let alone run any of the files without your vBulletin.com members area login, as well as you NEED the xml files that are kept in there.
    Ok thanks, just re-uploading the files but without the install.php file.

    I've changed the name of the admin folder and changed is respectfully in the config.php file. What else could i do? I have made myself invisable.

    Leave a comment:


  • Zachery
    replied
    No, you should LEAVE the install folder alone and only delete the install file, you cannot do anything harmfull, let alone run any of the files without your vBulletin.com members area login, as well as you NEED the xml files that are kept in there.

    Leave a comment:


  • Dark_Wizard
    replied
    Originally posted by boro_boy
    Should I remove the /install folder from the forum root directory? The one with the upgrade files in?
    I would highly recommend it as it is no longer necessary. You may also want to change the name of the admin directory to something other than admincp but make sure you make that change in your config.php file as well. Lastly contact your hosting provider and have your login name and password changed, they may be getting in by another route.

    Leave a comment:


  • boro_boy
    replied
    Originally posted by Zachery
    Are you secure yourself? Do you have an antivurus program? It is possible that you yourself have been comprimised.
    Should I remove the /install folder from the forum root directory? The one with the upgrade files in?

    Leave a comment:


  • boro_boy
    replied
    Is there anyway I can deactivate my so no-one can access it? Just like turn it off (ban myself) the only way this could be done would be via phpmyadmin wouldn't it? But where would i look and what would i change?

    Leave a comment:


  • boro_boy
    replied
    Originally posted by Zachery
    Are you secure yourself? Do you have an antivurus program? It is possible that you yourself have been comprimised.
    I have Mcaffe Firewall, Visrus Scan and Spamkiller all installed and enabled?

    Leave a comment:


  • Zachery
    replied
    Are you secure yourself? Do you have an antivurus program? It is possible that you yourself have been comprimised.

    Leave a comment:


  • boro_boy
    replied
    Its happened again (TODAY 30th Sep) even though i'm the only admin. I have 2 supermods 4 moderators. But the hacker has logging in using my account and done everying using my account. I looked at the control panel log and its all in my name (the admin name i use)

    I think i'm going to have to change my admin account to invisable and change the name of it. Can i make it so that no people can see the admin on the members list?

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X