2011-10-15, 11:30 PM
Pages: 1 2
2011-10-15, 11:35 PM
PM the link please. But first your domain provider, check the settings and make sure that wasn't hacked.
edit; This sounds like i'm looking for porn. I'm not. xD
edit; This sounds like i'm looking for porn. I'm not. xD
2011-10-16, 02:38 AM
May I please have the code of link to a clean config and settings php page?
2011-10-16, 02:43 AM
(2011-10-16, 02:38 AM)Ruby Wrote: [ -> ]May I please have the code of link to a clean config and settings php page?
Just reupload the mybb files, over-writing the old ones.
And make sure you run latest version of MyBB (and you have applied 1.6.4 patch).
2011-10-16, 04:07 AM
Forum's version is 1.6.4
index.php and 8 more files were infected - but I cleaned them up.
I changed the code on index.php manually, I replaced the 8 infected files with new ones, from a fresh MyBB-Download.
The owner of the website has got a lot of mails, telling him that they got redirected to porno pages, clicking the links to the forums. Thus, they seem not be able to reach the forums.
I do not get redirected anywhere.
The owner and me, we are not redirected.. but there were more than 10 people who said that they were redirected, when clicking our links.
Thanks in advance for every answer.
index.php and 8 more files were infected - but I cleaned them up.
I changed the code on index.php manually, I replaced the 8 infected files with new ones, from a fresh MyBB-Download.
The owner of the website has got a lot of mails, telling him that they got redirected to porno pages, clicking the links to the forums. Thus, they seem not be able to reach the forums.
I do not get redirected anywhere.
The owner and me, we are not redirected.. but there were more than 10 people who said that they were redirected, when clicking our links.
Thanks in advance for every answer.
2011-10-16, 12:41 PM
Our website has not been hacked. The only part of our website which perhaps is of was hacked, should be the forums. And that is a MyBB problem. I didn't have any problems before I ran the upgrade.
2011-10-16, 12:43 PM
The upgrader was tampered with by a third party, which lead to the insertion of malicious code.
Please refer to this thread: http://community.mybb.com/thread-105780.html
Please refer to this thread: http://community.mybb.com/thread-105780.html
2011-10-16, 12:54 PM
Thank you @ Malcolm
I informed our provider about this problem. They scanned our website, I ran scans from different tools, I use(d) vms.drweb.com, www.urlvoid.com, www.mywot.com - they all come up with clean. I have scanned my backups from before and after the upgrade: clean
But do these scans recognize infected php files?
I informed our provider about this problem. They scanned our website, I ran scans from different tools, I use(d) vms.drweb.com, www.urlvoid.com, www.mywot.com - they all come up with clean. I have scanned my backups from before and after the upgrade: clean
But do these scans recognize infected php files?
2011-10-16, 12:58 PM
As PHP is server side, unless the code creates an output which is sent to the browser such as an iframe, it won't see anything malicious.
2011-10-16, 01:10 PM
I am using iFrame for the links to the five (5) connected forums. That was for me the only way to show 5 forums under one link. Until now, I don't know an other way to show up 5 forums under one link.
Just controled the iFrame, no infection, it's my own original iFrame.
Just controled the iFrame, no infection, it's my own original iFrame.
Pages: 1 2