Announcement

Collapse
No announcement yet.

My board hacked 2 days ago 3.6.9

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • My board hacked 2 days ago 3.6.9

    Dear All,
    two days ago, my site was defaced due to the fact that I don't update the forum as soon as the patch was released.
    In any case, I spent 1 day to restore all the backup and now everything works fine.
    The attacker delete all the db, but I know that they did the first step 7 days ago when they try to put .c files on my w2k3 server ... lamer (no comment).
    There is a way in the admin log to trace the ip used 7 days ago when they did the first step ?
    Thanks for any kind of help.
    Renato
    Renato

  • #2
    You cna check the Admin Logs but unfortunately they could have covered their steps.

    Please see this thread on how to make your vBulletin more secure:

    http://www.vbulletin.com/go/secure

    If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server. You need to contact your host about this.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment


    • #3
      Thanks Steve for the support, in the admin logs I didn't find nothing right now but I'm working on it.
      Do you know what kind of user I could find in this log when they accessed with the xss ?
      They were not able to take the access of my server, I'm quite sure about this.
      Renato

      Comment


      • #4
        If they were able to get access to your "server", the logs you need to check is you "server's". If you don't have access to them, ask you ISP to check them for around the critical time and see if they can obtain an IP, but remember that a clever hacker can always use a proxy to conceal their own IP.

        Regards,
        Slappy

        Comment

        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
        Working...
        X