444 is fine for the config as long as the webserver can read it, since that file is static once MyBB install is done. the bad file is index.php
I fixed it. But, config file was 777 before...
so what if it was 777, make it the least level of permissions that allows the site to still work. basically it is world readable and with the injections you have, they could be outputting config data that has db info, etc.
I mean like why would it have randomly cahnged?
i dont know, but i would suggest that you clean your computer and then change your passwords
mi basicly screwed is there any way to find out who did this? and if it can happen again and it if is fixed
Check logs if you have cPanel. Also, if you have your site already on
www.google.com/webmaster you can go there and go to Malware tab and Google would analyze and tell you if they found any malwares in your site.
And CHMOD your config.php file to 666, 777 is dangerous and gives one full permissions.
(2011-10-13, 05:23 AM)Bapun Raz Wrote: [ -> ]evrything is fine here.its coming fine for me when browsing as a guest. 
but view the source and you will see all kinds of base64 decode strings
Got people to scan / try to hack it. Nothing came up. It's clean. Must have been something with mybb. earlier
(2011-10-13, 05:28 AM)hon0r Wrote: [ -> ]Got people to scan / try to hack it. Nothing came up. It's clean. Must have been something with mybb. earlier
MyBB doesn't remotely change or make edits to your forum, you probably gotta find template and fix them.