I had my site hacked and google chrome said that malicious code from
updatedate.cn <---Do not click
I fixed it already
lucky for me I always update directly after a Softaculous install. (Softaculous hasn't updated their MyBB install version yet, it's 1.4.5)
(2009-07-18, 09:11 PM)StingReay Wrote: [ -> ]lucky for me I always update directly after a Softaculous install. (Softaculous hasn't updated their MyBB install version yet, it's 1.4.5)
Then you should still upgrade manually as there have been various security fixes since 1.4.5. You are 3 versions behind. You don't really want to take chances against your forum being hacked.
Shouldn't you change the database password? (the user i mean)
if they was able to edit the config.php wouldn't they be able to view it?
You cannot view a php files source over HTTP, the only way to edit or view the file is via FTP or SSH.
Did they edit config.php....??
I highly doubt, unless they have your FTP password and user
This hack allowed a backdoor which in turn allowed arbitrary execution of code. This opens up a lot of possibilities to an attacker, including reading your config.php and obtaining your database password, as well as all other files and data stored on your host / database. After removing the hack and backdoors, you should change all passwords with no exception.
Oh yeah I forgot about the backdoor
Have learned to stay updated on every release. This hack really sucked.