Latest Announcemnent
New thread

A very wierd hack attempt maybe?

Status
Not open for further replies.
B

Bang

Active Member
227
2008
0
0
I just noticed a very very weird thing happening at my forum.
A user just registered and then suddenly he is an admin at my forum.
He was viewing the VIP section other then the ACP.
here is the screenshot
The user registered from 212.91.117.104
2mzcrjp.gif



I Disabled Inferno Shoutbox immediately.I had seen forums like Katz forums,warezscene disabling it for security reasons,maybe it was that?
Any other mods that i need to uninstall?

Thanks!
 
13 comments
Yeah must be the shoutbox. Good you removed it. Not sure about other mods, it may just be inferno
 
Well I hope so. lol they were mainly after the VIP stuff. ur lucky they didnt do anything through admincp!
 
iMack said:
Well I hope so. lol they were mainly after the VIP stuff. ur lucky they didnt do anything through admincp!
Click to expand...

They cant do anything if just they become administrators.They need the perms which are set by the root admins. ;)That's why vbulletin owns when it comes to security.;)
Feel free to correct me if i am wrong.
 
Do this go to ur cpanel go to raw acces logs in the logs section download the logs for your main domain zip it up upload it send it to me ill analyze it and see how he got in you very well may have a shell or backdoor :(

EDIT:i can ALMOST BET MONEY that its the arcade lol
 
oh damn. i guess i better disable my shoutbox.

also another good security measure is password protecting the admincp directory through cpanel or direct admin. that way if someone does log in with admin privelages they wont be able to access the admincp.
 
Status
Not open for further replies.
Back
Top