got hacked again (v1.1.7)
#1
I just upgraded to myBB 1.1.7 when again the template 'index' was altered to redirect to http://kingwolf.by.ru/hack3/

I don't know how this is possible, maybe they guessed my database password. I've changed it.

Another thing i recognized: I found 2 (recent) users in my database with 'usergroup=2' and 'additionalgroups=4' !! I deleted them right away, the usernames were names like '123456'...

#2
#3
Sgop Wrote:I just upgraded to myBB 1.1.7 when again the template 'index' was altered to redirect to http://kingwolf.by.ru/hack3/

I don't know how this is possible, maybe they guessed my database password. I've changed it.

Another thing i recognized: I found 2 (recent) users in my database with 'usergroup=2' and 'additionalgroups=4' !! I deleted them right away, the usernames were names like '123456'...
Follow the Instructions here ...
http://community.mybboard.net/showthread.php?tid=10111

Why does it seam that only Turkish script kiddies are going after MyBB?
[Image: MiNT.png]
#4
I was hacked before by Turkish hackers when I was using PHPBB. Doing a search on google shows that there is a major problem with Turkey and hackers.

As for my forum, it looks like its been shut down from the admin panel, rather than being seriously screwed with, meaning that there is some specific value in the database that I might be able to change back. I don't have a working knowledge of MyBB though, so I have no idea where to look.
#5
I was hacked yesterday by them on 1.1.3, then I upgraded to 1.1.7. I hope this does not happen to it again, if so, considering MyBB is my favorite forum system software, I won't leave it, although I would really like to see this problem fixed.

#6
I was hacked by the same Turkish people.. how did you guys fix it? For whatever reason, I can't log into the admin cp now.

I was on 1.1.3.

Any help would be appreciated, I already pm'ed the mods.
#7
Search your phpmyadmin for 'King' and remove all the kingwolf crap. Then upgrade to 1.1.7, its fairly easy. Just upload all the files except for the install, inc/settings.php, and inc/config.php.
#8
That's funny... My lanparty site (which is a PHPNuke) also got hacked by a Turkish hacker..

Hmmm...
pwnt.
#9
Snowy Wrote:That's funny... My lanparty site (which is a PHPNuke) also got hacked by a Turkish hacker..

Hmmm...

Which verison of Nuke are you using? If you are not using the latest paid verison (7.9) than more than likely you will never be safe from the 2 injection holes.
[Image: signature.gif]
#10
The turks are going on a rampage!

Wait, this means they could hack this forum as well, although I doubt they would because this is copyrighted and stuff.


Forum Jump:


Users browsing this thread: 1 Guest(s)