MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Board Hacked - config.php
Full Version: Board Hacked - config.php
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

senorcosta

2008-06-22, 07:52 PM
Amazingly, people have nothing better to do with their lives than hack a local motorcycle board! LOSERS!!!
Here's my site>>SSYSO

I went in through FTP and see that its my config.php file that they hacked.
Me bad....I was still using 1.2.7. However, if I upgrade, it doesnt do anything about the original config
Check my dB through cpanel and it looks OK

Whats the best way to fix my problem? Thanks in advance for any help!!

Here's my config file as it stands:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">



<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>!! >> This SiTe HaCkEd By !! Mr CrAzY !!</title>

<style type="text/css">

.style1 {

text-align: center;

}

.style2 {

color: #FFFFFF;

}

</style>

</head>



<body style="background-color: #000000">



<p class="style1"><span>

<img style="WIDTH: 800px; HEIGHT: 8px" alt="JaBrOt HaCkEr" src="http://www.up-00.com/uploads/Xr563197.gif" HackeR="" /></span></p>

<p class="style1">&nbsp;</p>

<table cellSpacing="0" cellPadding="0" width="85%" align="center" border="0">

<caption><img src="http://www.y1y1.com/u/uploads1/3c8271465b.jpg" /></caption>

</table>

<table cellSpacing="0" cellPadding="0" align="center" border="0" style="width: 0%" class="style1">

</table>

<p class="style1"><span>

<img style="WIDTH: 800px; HEIGHT: 8px" alt="JaBrOt HaCkEr" src="http://www.up-00.com/uploads/Xr563197.gif" HackeR="" /></span></p>

<p class="style1"><font face="Webdings" color="#FF0000" size="5">~</font><font face="Webdings" color="#ffffff" size="5"><b>

</b></font><b><font face="FixedSys" size="4" color="#FFFFFF">MaRoC</font></b><font face="FixedSys" color="#ffffff" size="4"><b>

Hackers</b></font><font face="FixedSys" color="#ffffff" size="1">&nbsp; </font>

<font face="Webdings" color="#FF0000" size="5">~</font></p>

<p class="style1"><font face="FixedSys" color="#ffffff" size="1">Owned by</font><font face="FixedSys" color="#ffff00" size="1">

</font><span lang="en-us"><font face="FixedSys" color="#ff0000" size="1">[</font><font face="FixedSys" color="#ffffff" size="1">

Mr CrAzY </font><font face="FixedSys" color="#ff0000" size="1">

] </font></span></p>

<p class="style1"><font face="FixedSys" color="#ffffff" size="1">security Is

none For Me !!</font></p>

<p class="style1"><u><b><font face="FixedSys" color="#808080" size="1">sorry</font></b></u><font face="FixedSys" color="#ffffff" size="1">

admin but you don't have any security in your web site ..</font></p>

<p class="style1"><font face="FixedSys" color="#ffffff" size="1">Don't Say No Or

</font><font face="FixedSys" color="#ff0000" size="1"><u><b>Stop</b></u></font><font face="FixedSys" color="#ffffff" size="1">

Please,..</font></p>

<p class="style1"><font face="FixedSys" color="#ffffff" size="1"><br />

But </font><u><b><font face="FixedSys" color="#808080" size="1">Protect</font></b></u><font face="FixedSys" color="#ffffff" size="1">

Your strawberry <b>Site</b> ..</font></p>

<p class="style1"><u><b><font face="Tahoma" color="#0000FF" size="4">Admin</font></b></u></p>

<p class="style1"><b><span lang="ar-kw">

<font face="FixedSys" color="#ff0000" size="5">[</font></span><font face="FixedSys" size="5"><span class="style2"><span lang="en-us">Mr

CrAzY</span></span></font><font face="FixedSys" color="#ff0000" size="5"><span lang="ar-kw">]</span></font></b></p>

<p class="style1"><font face="FixedSys" color="#808080" size="1">Contact</font><font face="FixedSys" color="#ffffff" size="1">:</font><font face="FixedSys" color="#3366ff" size="1">

</font><font color="#ffffff" face="Fixedsys" size="4">

<a href="mailto:[email protected]">[email protected]</a></font></p>

<p class="style1"><font color="#FF0000">

------------------------------------------------------------------------------------</font></p>

<p class="style1">

<EMBED align=baseline

src=http://www.6rb.com/songer/x/en/Justin-Timberlake/Justin-Timberlake_Ayo-Technology.ram width=275 height=32

type=audio/x-pn-realaudio-plugin border="0" console="Clip1"

controls="ControlPanel" autostart="true"></SPAN>

</p></BODY></HTML></HTML>

User 7634

2008-06-22, 07:58 PM
If youd DB was Ok, maybe that hack was only an index change. Take a look into your index page. And refill an original config.php with your data again.

judel

2008-06-22, 08:01 PM
How could they hack your config.php unless they have ftp access to your site?

But yes, restore your config.php and upgrade your site to 1.2.13 ASAP...and change all your passwords, including ftp, database and your admin account.

senorcosta

2008-06-22, 08:04 PM
(2008-06-22, 08:01 PM)judel Wrote: [ -> ]How could they hack your config.php unless they have ftp access to your site?


Good question....and if they really did have access, why not really screw me and delete files??
Where do I get the config file from?

judel

2008-06-22, 08:07 PM
They just wanted you to know they could hack you for some perverse reason. I don't understand the demented mentality of hackers and never will. You just need to do what you can to prevent any future attacks. Most importantly, that means keeping up with the security updates that are released on this site. Wink

senorcosta

2008-06-22, 08:09 PM
(2008-06-22, 08:07 PM)judel Wrote: [ -> ]They just wanted you to know they could hack you for some perverse reason. I don't understand the demented mentality of hackers and never will. You just need to do what you can to prevent any future attacks. Most importantly, that means keeping up with the security updates that are released on this site. Wink

Losers....
Where do I get a fresh config file from?
Thanks

judel

2008-06-22, 08:17 PM
You can recreate yours by following the instructions at the following link:
http://wiki.mybboard.net/index.php/Inc/config.php

senorcosta

2008-06-22, 08:28 PM
(2008-06-22, 08:17 PM)judel Wrote: [ -> ]You can recreate yours by following the instructions at the following link:
http://wiki.mybboard.net/index.php/Inc/config.php


Worked like a charm....THANKS!
Will upgrade now. But the question remains,
how did they access the config file to begin with??

DCR

2008-06-22, 09:33 PM
(2008-06-22, 08:28 PM)senorcosta Wrote: [ -> ]
(2008-06-22, 08:17 PM)judel Wrote: [ -> ]You can recreate yours by following the instructions at the following link:
http://wiki.mybboard.net/index.php/Inc/config.php


Worked like a charm....THANKS!
Will upgrade now. But the question remains,
how did they access the config file to begin with??

Was your admin password same as your FTP password?

MrD.

2008-06-22, 09:54 PM
Given that PHP probably had write access to your config.php file, they could have easily uploaded their own file to your webserver via a previously patched exploit, and use it to re-write your config.php file.
Pages: 1 2 3
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Board Hacked - config.php