MyBB Community Forums

Full Version: Forum Hacked Again
My forum has been hacked once again. I own the forum www.RuneGear.net and I am running MyBB 1.6x on it. The forum has multiple plugins running and many of them disabled; these plugins are the current active ones:

Contact Form
Forum Icons
Fun Post Stat
Google Analytics
*imeiNoQinQ!
Last Edit Lock w/ Staff Warn
Multiple Account Detector (M.A.D)
Mods Cant Edit Admins Posts
Monthly Stats
My Awards
Online 24
Private Messages Admin
Cannot send PM's To self
Profile Groups
ProStats
Rate Ban.
Repoco
Spoiler MyCode
Tabbed Menu
Undo Delete
YouTube BBCode

MyBB is the only thing running on my webhost with a secure database password. My information is also secure and he continuously gets access to phpMyAdmin. I'm sick of this; he keeps defacing my website.
Your information is only as secure as your host makes it, and there is a lot more than MyBB running on your server.

Have you looked through error logs to see exactly where they went and what they did?
(2010-11-07, 07:20 PM) MattRogowski wrote: Your information is only as secure as your host makes it, and there is a lot more than MyBB running on your server.

Have you looked through error logs to see exactly where they went and what they did?

There don't seem to be any irregularities; it's weird.

EDIT: He's defaced it again.
There will more than likely be something in the access logs, ask your host if they have access to anything else that might help.
Your host has a security hole that the hacker keeps on exploiting. You need to either find a new host or tell your current host to fix the issue.
Is there any protection against SQL injection?
MyBB is secure against SQL injections. If there was an SQL injection vulnerability, we'd know about it; you wouldn't be the only forum being attacked like this.

Go through the access logs thoroughly, you should find something.
In addition to what has already been suggested above, here is my checklist:

- File verification in AdminCP
- Audit MyBB users for any users that might be hiding as admins
- Check the cache folder (and any other folders that have 777 permissions like the uploads folders) for files that may not belong there
- Audit phpMyAdmin for unknown users
- Update phpMyAdmin to the latest version (make sure all files are valid files there)
- Audit your server for users with access to SSH/FTP
- Change passwords to secure ones everywhere: cPanel, phpMyAdmin, databases, MyBB AdminCP, FTP, SSH. Do this for all users with access to any of these services
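The checklist item about the cache folder and other 777 folders, as an added shell example that is not part of the original thread: it lists files sitting directly in world-writable directories that look like PHP by name or by content, for manual review. The function name, the extension list and the forum path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): flag files in world-writable
# directories that look like PHP, by name or by content.
# Findings are candidates for manual review, not proof of compromise.
# Usage (placeholder path): audit_writable_dirs /path/to/forum

audit_writable_dirs() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    # -perm -0002 matches any directory with the world-write bit set
    # (777, 757, ...), which is what the cache and uploads folders often get.
    find "$root" -type d -perm -0002 -exec sh -c '
        for dir in "$@"; do
            # Only files directly inside the writable directory.
            find "$dir" -maxdepth 1 -type f | while IFS= read -r f; do
                case $(basename "$f" | tr "[:upper:]" "[:lower:]") in
                    *.php|*.php[0-9]|*.phtml|*.phar|*.php.*|.htaccess)
                        # Script-like name, or a file that changes how the
                        # web server treats the directory.
                        printf "NAME\t%s\n" "$f" ;;
                    *)
                        # PHP code behind a harmless extension (e.g. .gif).
                        if grep -qF "<?php" "$f" 2>/dev/null; then
                            printf "CONTENT\t%s\n" "$f"
                        fi ;;
                esac
            done
        done
    ' sh {} + | sort -u
}
```

Each output line is a tag (NAME or CONTENT), a tab, and the path; compare the results against a clean copy of the same MyBB version before deleting anything.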