So I have some plugin into mysqly installed I think.. and my site went hacked.. I have changed every pw and check'd for admin list.. is it possible to exist hidden admin.. cause they uploaded a malware php shell on my website.. I think its up to some plugin.. also when I install fresh mybb and connect to existing db I get some plugins from previous forum.. how to delete all those plugins and start all over? Thanks.
They Didn't Upload anything to your Website. One of your admins installed a N3TShell to your forums, in order to remove this you need to remove MyBB Completely and reinstall fresh.
Nooo, you dont understand, I already removed all files and installed fresh mybb and just connected to db.. and I get hacked again, and I saw shell in my public_html/ so problem is with some old plugin's into db.. how to remove it?
In phpmyadmin, find whether it had created any other tables other than the default MyBB ones.
I already did that and i have deleted all mybb plugins tables and some other.. but anyway even if some table stay or row.. its useless cause of fresh php files.. He cant use any php file to get any access on the website.. and phpmyadmin and mysql pw is now changed.. only what im worried is that old plugins are stayed for exmaple I have in settings MyShoutbox even though table and plugin is 100% deleted.. how to delete it from settings in admin cp?
Wohoaaaa, I have discovered that *.php was allowed in attachment types.. it might be that that was causing one more whole..
(2011-06-18, 09:55 AM)yoman Wrote: [ -> ]Wohoaaaa, I have discovered that *.php was allowed in attachment types.. it might be that that was causing one more whole..
Attachments are not executable...
Ok, so how to remove all non-working plugins into admin cp?
When you have a Nutshell injected to your forums, remaking one and taking the used plugins from the other one wont fix the issue, you will have download all the plugins over again in order for it to be a 100% fresh copy.
I have been Injected with a nutshell and I tried removing the injected file, removing plugins, everything and nothing worked. Do that and it will work.
I dont know which all plugins I used.. thats what is the real problem.. so I can add a plugin and disable it from Admin CP... If I could I woulndt post an question here.
You Can Disable as many plugins as you want, the Nutshell can't be stopped in any way shape or forum, Yaldaram has helped me and so has Aries, and we couldn't figure this out. So your better off remembering as many as you can and starting over.
In a word to the wise. Don't give random members Administrator, if you don't something like this won't happen again.