MyBB Community Forums

Greetings.

The forum that I help manage was compromised I believe and no one can log into it. I'm the role of super admin and I can't log in either. I'm able to access my cpanel and all the files using an FTP server but when I attempt to reset my password, it goes through the process, emails me, emails me the temp password then when I try to sign in using the temp password it tells me it's invalid.

Any ideas?

---

Never mind, I just deleted the database and restored it from a week old one. Disabled the compromised admin and now we're good.

Your forum was compromised by sql injection attack. Go to your cpanel, edit your base manually: clear out pass field..... than enter desire passphrase, save and you are ready to go.

The template files will not process php, which is why I am seeking functional alternatives.

_________________
kathi

(2014-11-10, 11:56 AM)kathi Wrote: [ -> ]The template files will not process php, which is why I am seeking functional alternatives.

_________________
kathi

Simply run this query in phpMyAdmin,

where it says 'userid', set that has the user id you require.

UPDATE mybb_users SET password = '123456', salt = '' WHERE uid = 'userid';

new password = 123456


Quick edit, ive just seen this on another thread also:~
Finally, to reset your password, in case the hacker changed it too, run the following SQL query. Remember to replace X with your uid and mybb_ with your table prefix. The password will be set to test so you can change it afterwards in the User CP.



Code:

UPDATE `mybb_users` SET `password` = '098f6bcd4621d373cade4e832627b4f6', `salt` = '' WHERE `uid` = 'X';