MyBB Community Forums

Forum hacked .. Need urgent help
Desperate for help.

My forum ((Removed forum name after fix)) has been hacked. It is fine to visit the forum, but I need suggestions on how to fix it and what to do to prevent future attacks.

Thank you ..

PLUGINS:
Akismet (1.2.1)
FBConnect (1.6.0) - Facebook Connect for MyBB - Created by Nayar
FBCore (0.0.2) - Implements Facebook Javascript SDK - Created by Nayar
Hello World! (1.0)
iShare (1.2.1) - Created by Codicious
My Ad Manager (1.1.5) - The Ultimate Mybb Ad Management System - Created by Jesse Labrocca
My Meta Tags (2.1a) - Created by Jesse Labrocca
Prune Members (2.0) - Created by Jesse Labrocca
It says it was an XSS attack... are you using FB Connect by any chance?
Either way, delete the user with the username beginning "Andre Dejavu" and that should solve the problem.
Yes I am using FB connect .. how can I restore the forum ..?

Thanks
You need to get into your phpMyAdmin from your cPanel and find your mybb_users table.

Find the last registered user and change all his info, one of which will be something like

<script>....</script>

Ofc, update your plugin asap too. Pavemen posted a fix yesterday.
Edit: not seen above response

First, create a dummy user from the Users & Groups section of the admin panel - that could restore the index page.
Next, delete the user as equantor suggested - you may have to delete this user from phpMyAdmin.
(2012-01-04, 04:20 PM) Andre R. wrote:
You need to get into your phpMyAdmin from your cPanel and find your mybb_users table.

Find the last registered user and change all his info, one of which will be something like

<script>....</script>

Ofc, update your plugin asap too. Pavemen posted a fix yesterday.

Exactly. Nayar had apparently posted a new version of FBConnect on his site which fixed the issue, but had not updated the plugin found here.
I am taking the forum down for the time being .. Once I have restored DB from a prior restore I will post here again for your further help ..

Thanks all for now.
There's no need to restore your database... Simply delete the last registered user and everything will be back to normal.
Found the user .. Need to delete him now ..

>> UPDATE .. User deleted. Thanks for your help.
Lesson learnt: Do not use unnecessary plugins
Is there more info on this hack? What should be looked out for?
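
The check described in this thread (finding the account whose profile data contains script markup) can be done without reading the table by eye. The following is an added example, not code from any poster or from MyBB: it scans every text column of each user row, newest registration first. Only the table name mybb_users comes from the thread; the column names, the sample rows and the in-memory SQLite stand-in database are constructed assumptions.

```python
import re
import sqlite3

# Markup that has no business in a profile field: script/iframe-style tags,
# inline event handlers, and javascript: URLs. Matched case-insensitively.
SUSPICIOUS = re.compile(
    r"<\s*/?\s*(script|iframe|object|embed|svg|img)\b|\bon\w+\s*=|javascript\s*:",
    re.IGNORECASE,
)

def find_suspicious_users(conn, table="mybb_users"):
    """Return [(uid, username, [flagged columns])], newest registration first."""
    if not table.isidentifier():  # table name is interpolated, so validate it
        raise ValueError("unexpected table name")
    cur = conn.cursor()
    cur.execute(f"SELECT * FROM {table} ORDER BY regdate DESC")
    cols = [d[0] for d in cur.description]
    hits = []
    for row in cur.fetchall():
        rec = dict(zip(cols, row))
        # Check every string column, since the thread does not say which
        # field held the injected markup.
        flagged = [c for c, v in rec.items()
                   if isinstance(v, str) and SUSPICIOUS.search(v)]
        if flagged:
            hits.append((rec["uid"], rec["username"], flagged))
    return hits

def build_sample_db():
    """Constructed stand-in for the forum database (column names assumed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE mybb_users (uid INTEGER, username TEXT, "
                 "regdate INTEGER, website TEXT, signature TEXT)")
    conn.executemany("INSERT INTO mybb_users VALUES (?,?,?,?,?)", [
        (1, "admin", 1300000000, "", "Forum owner"),
        (2, "alice", 1320000000, "http://example.com", "I <3 MyBB"),
        (3, "visitor<ScRiPt>/* constructed */</sCrIpT>", 1325690000, "", ""),
    ])
    return conn

if __name__ == "__main__":
    for uid, name, cols in find_suspicious_users(build_sample_db()):
        print(uid, repr(name), cols)
```

The pattern is a triage filter, so a hit means "review this row", and an ordinary signature containing text such as `one = two` can match the event-handler rule.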