MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > MyBB is hacked
Full Version: MyBB is hacked
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

ecanikajo

2009-03-21, 06:39 PM
MyBB forum is attacked only 3 days after beginning work. The folder Uploads was file php shell. I renamed admin folder and hide, and I'm not allow all users to upload files, but it is somewhat set.
Where am I mistake?
Btw, At the forum I have the following plugins:
Admin Post Edit (1.0)
Created by ZiNgA BuRgA

Meta - Tag Plugin (1.0)
Created by LowBattery

Modnotice (1.2.3)
Created by Garlant

Show the users that has been online today (2.0)
Created by CraKteR

Overview (3.1.1)
Created by MyBBoard.de

Permission Box For MyBB 1.4 (1.00)
Created by An00bIis

PM On Registration (1.2.0)
Created by DennisTT

ThankYou (3.0.6)
Created by Arash_j13
Update: Hamid Nozari
Upgrade: AmirH Hassaneini,Hamed Arfaee

Trash Can Forum (2.0)
Created by CraKteR

Usergroup legends (2.0)
Created by CraKteR

Extra Safety Check While Registering (2.0)
Created by LeX

If they are safe?

pepotiger

2009-03-21, 06:41 PM
it maybe an exploit bug in your host server it self, and not mybb.

I saw something similar long time a go, someone was able to upload files to any site that in the same server!.

and it was a security bug in the server it self.

Matt

2009-03-21, 06:49 PM
Anything in the server error logs??

ecanikajo

2009-03-21, 07:03 PM
The file is set at the previous server, which I have in the meantime, where we replace the new account is now suspended. Probably think that I set the file. But I passed it to the new hosting unknowing to him during the backup. So I do not know what is written in the server error logs.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > MyBB is hacked