Announcement

Collapse
No announcement yet.

Username change trail?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Username change trail?

    I have a username that appears to have been changed but not by me. If it can only be done via the AdminCP is there any trail in the database somewhere where I can see if username A used to be username B type thing? If I think the new username used to be something else is there any way to show that?
    http://www.softballfans.com
    The Ultimate Softball Community
    Forums, Bat/Equipment Reviews, Team Page Hosting and more!

  • #2
    I found a trace of the name change in a search that was run. Since I am the only admin and did not make the change can you tell me where this had to have been made so I can check with my web hosting provider to see if there was any hacking done?

    Is the Admin CP the only place a hacker could enter to change this?
    http://www.softballfans.com
    The Ultimate Softball Community
    Forums, Bat/Equipment Reviews, Team Page Hosting and more!

    Comment


    • #3
      Do you have any hacks installed whatso ever?

      Comment


      • #4
        Someone can also do this if they have access to your database.
        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography


        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


        Comment


        • #5
          No, stock vBulletin.
          http://www.softballfans.com
          The Ultimate Softball Community
          Forums, Bat/Equipment Reviews, Team Page Hosting and more!

          Comment


          • #6
            Only two posibilities:
            1) Admin user (your) password is too basic or have been compromised.
            2) Someone with database access modified it.

            There is no other posibilities of this happening if you are on a stock vBulletin.

            Suggestions:
            1) Use a more secure password for admin user, and add .htaccess file to your /admincp folder
            2) Change your database password to someone complex (IE: a23d;@Yw9_) and make sure no one else other than you have FTP / database access.
            Best Regards,
            Andy Huang

            Comment


            • #7
              I checked the logs and spoke to my hosting provider. Change was not made in Admin CP under my username. They think it could have been done with a URL hack of somesort with vBulletin? I'm on version 3.0.0. Sound possible? Is that an "exploitable" version?

              I do allow anonymous FTP for one employee, that a hazard?
              http://www.softballfans.com
              The Ultimate Softball Community
              Forums, Bat/Equipment Reviews, Team Page Hosting and more!

              Comment


              • #8
                There have been 2 (? not sure) possible exploits with 3.0.0, and neither allows modification to database values (if I'm not mistaken). It is most likely done through database directly. However, an upgrade to 3.0.3 is advised to fix these exploits.

                FTP access which allows the user to view your vBulletin files is strongly not advised. If the user can see your vBulletin files, they can easily look into the configuration file and obtain username and password for your database. From there, the person can have the same amount of access as you have; except, more flexible and more dangerous. Please make sure that the user does not have access to any of your vBulletin .php files.
                Best Regards,
                Andy Huang

                Comment


                • #9
                  No, this is anonymous and allows them access to one directory only and they cannot go into the web files.
                  http://www.softballfans.com
                  The Ultimate Softball Community
                  Forums, Bat/Equipment Reviews, Team Page Hosting and more!

                  Comment


                  • #10
                    Why would anyone go to the trouble of hacking your site just to change one user name? Frankly that doesn't make a lot of sense to me.
                    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                    Change CKEditor Colors to Match Style (for 4.1.4 and above)

                    Steve Machol Photography


                    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                    Comment

                    widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                    Working...
                    X