MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > Site hacked need help
Full Version: Site hacked need help
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

v01d

2010-05-23, 05:08 PM
my site got hacked today and admin pass was changed. I moved my admin directory back when i made the site. I can't log in any way i can get the pass back?

Matt

2010-05-23, 05:13 PM
UPDATE `mybb_users` SET `password` = '098f6bcd4621d373cade4e832627b4f6', `salt` = '' WHERE `uid` = '1';

Change your UID if it isn't 1, then login with test as the password.

v01d

2010-05-23, 05:21 PM
alright thanks that worked perfect but what are some other things i could do to prevent this from happening again? I have no clue how they accessed the site in the first place and logs from the admin panel were cleared. i have moved admin directory and pass protected it.

xHtmlPhP

2010-05-23, 05:46 PM
It's called SQLi, its an exploit to your database, not to sure on how to fix it on MyBB but they can access your database then get the passwords (after decrypting them) Anyway you can search around for help fixing it.

Matt

2010-05-23, 05:47 PM
There aren't any known SQL injection exploits in MyBB.

Ask your host if they have any more info on what happened.

xHtmlPhP

2010-05-23, 05:49 PM
There can be exploits through certain plugins.

Michael Malin

2010-05-23, 08:27 PM
(2010-05-23, 05:49 PM)xHtmlPhP Wrote: [ -> ]There can be exploits through certain plugins.

For example in MyPS. There are many security issues.

v01d

2010-05-23, 09:27 PM
(2010-05-23, 08:27 PM)magent Wrote: [ -> ]
(2010-05-23, 05:49 PM)xHtmlPhP Wrote: [ -> ]There can be exploits through certain plugins.

For example in MyPS. There are many security issues.

yeah the only one i could see being a problem would be the userbar plug-in. idk if there are any known exploits with this but all my other plug-ins are from labrocca and i'm pretty sure if any of his were security issues hackforums would be attacked pretty fast lol. but i'm going to re-rename the admin directory as well as password protect it, and disbale any plug-ins that could possible be a problem. The only other thing it could really be mightbe a keylogger.

remshad

2010-05-24, 10:55 AM
i think you may forget to sign out while using Admin Acc/ from any Internet Cafe....

User 2877

2010-05-24, 03:52 PM
(2010-05-23, 08:27 PM)magent Wrote: [ -> ]
(2010-05-23, 05:49 PM)xHtmlPhP Wrote: [ -> ]There can be exploits through certain plugins.

For example in MyPS. There are many security issues.

Actually there is just one low level XSS. Please use facts.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.4 > MyBB 1.4 General Support > Site hacked need help