MyBB Community Forums

Full Version: My website hacked again .. 2 times in 1 day
Pages: 1 2 3
Hi,

I posted a thread http://community.mybb.com/thread-130105.html some hours ago about my website being hacked.

It is now hacked again. All the forums of my website have now been deleted! :(

Please help me, MyBB Admins! Need your guidance.
What hosting are you on?
If you are on shared hosting your server may be rooted.

Anyway, I suggest you look up ways to secure your forum, take regular backups and be careful with your passwords. Make sure you have extremely advanced passwords, so they cannot be bruteforced. Hiding your admin directory by changing its name and having a hidden admin account in case you get hacked are always good ideas.

Also, check what plugins you have and look up whether they have vulnerabilities. I saw you're using the Google SEO plugin and I don't know if it has been patched since, but I remember hearing of it having a vulnerability which made forums easy to hack.

It appears you also have 4 admins. I think that's probably too excessive but don't worry too much, however one of your admins may be keylogged and have had their password stolen, so I suggest you take away everyone else's admin rights until you have secured your forum.
Well, there is a shell (exploit) somewhere through which the hacker is getting access again and again. I recommend you download all the files and carefully match them against the original MyBB files to see whether there is any *unwanted* file, or a file which is not included in MyBB's default copy. Shells are usually web-based file managers through which a hacker could browse your directory, upload and/or edit the files.
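The file comparison suggested in the post above, as an added example (not part of the original thread and not MyBB tooling). It assumes a clean copy of the same MyBB version has been unpacked next to the downloaded site files; the function names and the sample trees are hypothetical.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Return {relative path: SHA-256 hex digest} for every file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def compare_trees(clean_root, live_root):
    """Diff a downloaded site copy against a pristine release of the same version."""
    clean, live = hash_tree(clean_root), hash_tree(live_root)
    return {
        # Present on the site but not in the release: review every one of these.
        "added": sorted(set(live) - set(clean)),
        # Shipped files whose content changed: possible injected code.
        "modified": sorted(p for p in set(clean) & set(live) if clean[p] != live[p]),
        # Shipped files absent from the site (often harmless, e.g. a removed installer).
        "missing": sorted(set(clean) - set(live)),
    }


def build_demo_trees(base):
    """Constructed sample trees; file names and contents are illustrative only."""
    trees = {
        "clean": {"index.php": "<?php // home", "inc/functions.php": "<?php // lib",
                  "install/index.php": "<?php // installer"},
        "live": {"index.php": "<?php // home", "inc/functions.php": "<?php // lib + extra",
                 "uploads/avatars/pic.php": "<?php // not shipped"},
    }
    for tree, files in trees.items():
        for rel, body in files.items():
            path = os.path.join(base, tree, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
    return os.path.join(base, "clean"), os.path.join(base, "live")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        report = compare_trees(*build_demo_trees(base))
        for kind in ("added", "modified", "missing"):
            print(kind, report[kind])
```

Installed plugins, themes, configuration and user uploads will also show up under "added", so each entry needs a look rather than automatic deletion; a script file inside an upload directory deserves the closest attention.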
Contact your host too and ask them to check their access logs to see how they got access. It is very important that the point of entry is discovered and patched up a.s.a.p.
(2012-11-28, 10:46 AM)Uzinero Wrote: What hosting are you on?
If you are on shared hosting your server may be rooted.

Anyway, I suggest you look up ways to secure your forum, take regular backups and be careful with your passwords. Make sure you have extremely advanced passwords, so they cannot be bruteforced. Hiding your admin directory by changing its name and having a hidden admin account in case you get hacked are always good ideas.

Also, check what plugins you have and look up whether they have vulnerabilities. I saw you're using the Google SEO plugin and I don't know if it has been patched since, but I remember hearing of it having a vulnerability which made forums easy to hack.

It appears you also have 4 admins. I think that's probably too excessive but don't worry too much, however one of your admins may be keylogged and have had their password stolen, so I suggest you take away everyone else's admin rights until you have secured your forum.

Thanks... It helps me a lot! :)

(2012-11-28, 10:46 AM)crazy4cs Wrote: Well, there is a shell (exploit) somewhere through which the hacker is getting access again and again. I recommend you download all the files and carefully match them against the original MyBB files to see whether there is any *unwanted* file, or a file which is not included in MyBB's default copy. Shells are usually web-based file managers through which a hacker could browse your directory, upload and/or edit the files.

I gave you reputation for this response.

Thanks Sir. Keep it up! :)
Hi, I am a developer and a hacking expert (not hacking in *that way*). I create sites that are silly and find different techniques to hack them. Seeing how I hack it lets me see how I can patch it up. It is a way to create money and become one of the best web developers around. Maybe I can help.

- Change your password (it may be a silly hack just on the super admin's account.)
- Hide your IP (I suggest Hotspot Shield.) (The hacker may be getting details from your IP address.)
- Check your recent internet history (The hacker may have got into your internet browser and seen that you clicked 'keep me logged in'.)
- Make sure your email is secure (The hacker may have hacked into your email and clicked a link automatically logging you in.)

If you wish I could help you more. And I was looking into people hacking MyBB forums. It definitely isn't a DOS (Denial Of Server) attack. They take the site off the web completely. And on a MyBB forum only for approximately 5 seconds.

It may have been done with CMD (Command Prompt) and getting your details there. All he needs to do is get your IP address which is easy, he just needs to:

Type in CMD:

netstat -n *enter* (this brings the list of IP addresses online up.)

Hope this helped. If it did please rate me. Come back if you want more details.
(2012-12-05, 11:15 AM)aidandonnan Wrote: Hi, I am a developer and a hacking expert (not hacking in *that way*). I create sites that are silly and find different techniques to hack them. Seeing how I hack it lets me see how I can patch it up. It is a way to create money and become one of the best web developers around. Maybe I can help.
Well, aren't you full of yourself. I can tell by your post that you know absolutely nothing about what you're talking about.

(2012-12-05, 11:15 AM)aidandonnan Wrote: If you wish I could help you more. And I was looking into people hacking MyBB forums. It definitely isn't a DOS (Denial Of Server) attack. They take the site off the web completely. And on a MyBB forum only for approximately 5 seconds.

It may have been done with CMD (Command Prompt) and getting your details there. All he needs to do is get your IP address which is easy, he just needs to:

Type in CMD:

netstat -n *enter* (this brings the list of IP addresses online up.)

Hope this helped. If it did please rate me. Come back if you want more details.

Just no. First off, the software you are running on your website has absolutely no effect on how long a DoS attack will keep your site offline for. Even if they got your IP address, the most they could do with it is DoS your computer, and netstat won't just magically show you every IP that is on a website. That's just stupid, it shows you all the IP addresses YOU are connected to, and it would just show you the IP of the website, which is useless.

Next time, before you give somebody advice, make sure it is at least somewhat useful and not just a way for you to let everybody know about how you're one of the best web developers around.

Now, OP, check through your admin log in MyBB and see if there is any suspicious activity.
(2012-11-28, 10:46 AM)Uzinero Wrote: Also, check what plugins you have and look up whether they have vulnerabilities. I saw you're using the Google SEO plugin and I don't know if it has been patched since, but I remember hearing of it having a vulnerability which made forums easy to hack.

There are no known vulnerabilities with the Google SEO plugin, please stop spreading rumors.
Well if my information is not of use then why has the question asker given me a rate for it?
(2012-12-05, 04:30 PM)aidandonnan Wrote: Well if my information is not of use then why has the question asker given me a rate for it?

Maybe they also know no better?