forum has been hacked

1st Official Post

    Hi


    forum has been hacked 2 times now for 2 weeks, they manage to enter and delete fil in Public_html/forum/wcf/
    when I logged onto the forum today, I see only this(thanks Oluwa) the hacker have delete original index.php fil in ]Public_html/forum and also edited/delete config.inc.php /global.php and options.php in Public_html/forum/wcf/


    Code
    thanks Oluwa

    it may be an issue in WBB or there is a 3-party pluging that makes hacker to getting in to the forum????

    Norwegian language files to (WSC 5.2 + 5.3 and The New WSC 5.4 + 5.5 ) *no.xml* Unofficial Language Packs

    Quote from tunhj1

    it may be an issue in WBB


    That's very unlikely.



    Quote from tunhj1

    there is a 3-party pluging that makes hacker to getting in to the forum


    This could be. However, it's also unlikely, if you got it from our plugin store.


    ---


    What about the possibility, that someone knows your FTP password? What FTP client are you using? Filezilla for example is known, that it saves passwords in clear text on your machine. So if your computer gets compromised, it's possible to grab all your saved FTP passwords.

    Quote from SoftCreatR

    What about the possibility, that someone knows your FTP password? What FTP client are you using? Filezilla for example is known, that it saves passwords in clear text on your machine. So if your computer gets compromised, it's possible to grab all your saved FTP passwords.

    I use Total Commander,and there are no guests can read or watch forum, only members,but we have a problem with it being up to 300 guests, from China / USA
    and forum is Norwegian with server in germany, I've now created new password to Cpanel and FTP account plus MySql-database

    Norwegian language files to (WSC 5.2 + 5.3 and The New WSC 5.4 + 5.5 ) *no.xml* Unofficial Language Packs

    Quote from tunhj1

    I use Total Commander,and there are no guests can read or watch forum, only members,but we have a problem with it being up to 300 guests, from China / USAand forum is Norwegian with server in germany, I've now created new password to Cpanel and FTP account plus MySql-database


    Do you host any other software than WBB/WCF?

    this we have installed in forum,and we are on a VPS server, where it is 4 pieces forum, and it is only this forum being hacked.
    Can you see if there are any of these pluging that can create access for hacker
    Thanks

    Norwegian language files to (WSC 5.2 + 5.3 and The New WSC 5.4 + 5.5 ) *no.xml* Unofficial Language Packs

    What all do you use on VPS ? cPanel should be safe. But if you have some scripts that add 777 to your folders, that could be an issue. Your logs are the best place to start the investigation.

    Smile , it's good for health

    INFO


    They have once again tried and hacking forum,last time I managed to stop them,and I found these files into EasySlider?? (spam.zip) 3 index files.


    and about 50 e-mails from the server with this info.


    Code
    Subject: Fx29Shell http://www.xxxxxxxxx.com/wbb4/wcf/easyslider/images/fancybox/thanks.php?x=img&img=download by 61.6.84.178
Boss, there was an injected target on www.xxxxxx.com/wbb4/wcf/easyslider/images/fancybox/thanks.php?x=img&img=arrow_ltr by 61.6.84.178

    there is only one ftp account and it is only I who know the password to ftp / cpanel and forum admin,So how do they manage to hack forum I do not know but I've done about all passwords and deleted the EasySlider.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login