update, sorry they'r note there anymore, after the upgrade it they were deleted, how there's a whole bunch of spc files
so, i didn't notice the new admin and upgraded, then i found and deleted him, but the forum is still acting up
Quote:update, sorry they'r note there anymore, after the upgrade it they were deleted, how there's a whole bunch of spc files
Not really sure what you're trying to say here.
Quote:but the forum is still acting up
Not very specific...
how is it acting up...??
1. After the upgrade, the cache folder now contains like 20 different spc files instead of the theme folders
2. when you go to
http://xrumxrum.com/forum(or click to read a thread) it always scrolls you down to the bottom, while some of the other forum members are saying they are being redirected to some other site when they try to get on.
also, when the forum is loading, the there's all these iphone3g.something sites loading (on the bottom status bar) i don't have ads on the main page, just the threads themselves.
1. I have no idea what spc means, it isn't a word.
2. I said what to do about that in your other thread, check your templates...
1. spc is a file extension, so the files look something like this: 6f8d9efa5c73cf0e09a5a7dc577e7da5.spc
2. I did the "find updated templates" report, but is there a way to revert them all to original at the same time, or do i need to go through them one by one.
1. Delete those, they're not meant to be there.
2. No you need to go through the template sets themselves... click each template set, for example Header Templates, and see if there are any templates that have a green name; if there are, click Options and view a Diff Report to see if there is any code there that you didn't put in, and remove that code if there is any that shouldn't be there.
AAAAAAAAh, i found it
there was an extra iframe next to the mybb copyright in the footer.
seems to be okay now
Thanks for you help.
Thanks, but this was not the exploit that somebody used against me.
(2009-07-10, 01:31 AM)JKD Wrote: [ -> ]Thanks, but this was not the exploit that somebody used against me.
Care to elaborate?
I couldn't find any mention here of nobodycoder. It's probably mentioned somewhere, but I couldn't find it.
This explains all about his activities:
http://www.malwareremoval.com/forum/view...66&start=0
Is the vulnerability he found in mybb covered by this thread or is this a new problem?
On further investigation, this is the exploit he used:
http://milw0rm.com/exploits/9001
It looks like it only affects previous versions of mybb.
I'm sorry if I'm only repeating what everyone already knows.