MyBB Community Forums

Full Version: Security / Hi-jack issue
A couple of days ago my site was hi-jacked again. In fact, it is hi-jacked on a regular basis.

In the search log I found the following entries which, as you can see, bear no relation to any site or site contents.

Guest 10-04-2010, 08:02 96.241.69.18 oprwqamj ixapjdgv http://kojuzhqu.com nvgzbbgy nwpcbbtm aghxibnc
Guest 10-04-2010, 08:02 212.219.234.98 npsvqtzy hpfmaqhx http://zzynehfw.com kwukssqw wrlzdwpj dqxzoacl

Could this have been the origin of the hi-jack and how do I protect against this happening again?

Thanks for the excellent work you do.
Lily
Is it possible for you to print screen the logs, because I can't see what context each of those bits of the logs are from... but I recommend that you delete all MyBB files, and upload a fresh copy, in case a back end into your site was placed in 1 or more of the MyBB files.
(2010-04-20, 08:12 AM)Joshua Mayer Wrote: [ -> ]Is it possible for you to print screen the logs, because I can't see what context each of those bits of the logs are from... but I recommend that you delete all MyBB files, and upload a fresh copy, in case a back end into your site was placed in 1 or more of the MyBB files.

As a rule I update the site with a fresh copy of the forum installation. The hack usually affects ALL the index.php files in the forum directories. Or a script gets dropped that regenerates itself and rewrites the Index.php, in which case an update of the site does not help.

I do have a copy of such scripts if you wish to take a look at that too.

It is quick to recover if you know what you are looking for.
What version are you on??
(2010-04-20, 11:07 AM)MattRogowski Wrote: [ -> ]What version are you on??

I am up to date. I applied the latest update yesterday.
(2010-04-20, 08:45 AM)Lily Wrote: [ -> ]Or a script gets dropped that regenerates itself and rewrites the Index.php, in which case an update of the site does not help.
Go in your cPanel and look at cron jobs (YOURSITE:2082/frontend/x3/cron/index.html) and see if there is anything there that might not need to be there :\ Maybe that is the problem.
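
Added example, not part of the original thread and not MyBB code: one way to find which index.php files were rewritten and which scripts were dropped is to hash every .php file in the live forum directory and compare it with a freshly unpacked copy of the same release. The directory layout, file names and contents below are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def php_hashes(root: Path) -> dict:
    """Map each .php file's path (relative to root) to its SHA-256."""
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in root.rglob("*.php") if p.is_file()}


def compare_trees(clean_root, live_root):
    """Return (modified, unexpected, missing) lists of relative .php paths."""
    clean, live = php_hashes(Path(clean_root)), php_hashes(Path(live_root))
    modified = sorted(f for f in clean.keys() & live.keys() if clean[f] != live[f])
    unexpected = sorted(live.keys() - clean.keys())  # candidates for a dropped script
    missing = sorted(clean.keys() - live.keys())
    return modified, unexpected, missing


def build_demo(base: Path):
    """Constructed sample trees; file names and contents are made up."""
    clean, live = base / "clean", base / "live"
    for root in (clean, live):
        for rel in ("index.php", "admin/index.php", "inc/functions.php"):
            f = root / rel
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_text("<?php // original " + rel + "\n")
    # Simulate the symptom from the thread: index.php rewritten, extra script present.
    (live / "index.php").write_text("<?php // original index.php\n// appended line\n")
    (live / "admin/index.php").write_text("<?php // replaced\n")
    (live / "uploads").mkdir()
    (live / "uploads/placeholder_dropped.php").write_text("<?php // not in the release\n")
    return clean, live


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        modified, unexpected, missing = compare_trees(*build_demo(Path(tmp)))
        print("modified:  ", modified)
        print("unexpected:", unexpected)
        print("missing:   ", missing)
```

Files that the installer or plugins create after upload will also appear under "unexpected", so that list needs a manual review rather than blind deletion. Running the comparison again some time after a clean re-upload shows whether something is still rewriting the files.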