Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Site Hacked - Any ideas how?
#1
The log file was cleaned, however this message was left in admin logs:
[Image: 1nXUU]

Plugins installed:
Plugins
Plugin Controls
Disable portal.php Plugin (1.1)
Disables portal.php to reduce the potential attack surface of MyBB.
Donate $5 toward further development - A great way to say thanks or place a feature request.
Created by Thomas Hruska, CubicleSoft Core Deactivate
Auto Post Bot (0.3)
Make a user or a bot to post automatically into a thread in certain forums.
Created by Yaldaram - Modified for RealForums Deactivate
CloudFlare Manager (1.0-beta 2.1)
An advanced plugin for managing CloudFlare from your forum's admin control panel.
Created by MyBB Security Group Deactivate Uninstall
Default Avatar (1.0)
Force users to have an avatar. Set default information in ACP -> Settings -> User Registration and Profile Options.
Click here to set a default avatar to current users which do not have one selected.
Created by Santiago Dimattia Deactivate Uninstall
Extra Thread Fields (1.1)
Admins can add extra extra fields to the new thread page.
Created by Pirata Nervo Deactivate
Extra Security Question (1.0)
Allows administrators to add an extra security question during registration.

Created by Janota Activate
Force Password Change (1.2)
A plugin which allows an Admin to force a single user and one or more usergroups to change their password.
Created by Will Pillar Deactivate Uninstall
Given Reputation (1.1)
View the reputation points an user gived
Created by N/A Deactivate
Help Center (1.5)
Adds a powerful Help Center to MyBB.
Created by Pirata Nervo Install & Activate
My Awards (2.3)
Give awards icons to members.
Created by Jesse Labrocca Deactivate Uninstall
MySupport (0.4.2)
Add features to your forum to help with giving support. Allows you to mark a thread as solved or technical, assign threads to users, give threads priorities, mark a post as the best answer in a thread, and more to help you run a support forum.
Created by MattRogowski Deactivate Uninstall
MyTabs (1.32)
Lets you implement tabbed browsing in your forum.
Created by Ethan Deactivate
No PM Please (0.1)
Throw PM sender to an error page if he try to send you (Admin or specified Multiple User IDs) a Private Message.
Created by Yaldaram Deactivate
Private Message Log (1.0)
Allows Administrators to view Private Messages sent on their board.
Created by Starpaul20 Deactivate
Redirect After Activation (0.1)
Will redirect users after registration/activation.
Created by Yaldaram Deactivate
Spoiler BBCode (1.6)
Hides text specified in the [spoiler] tag.
Created by Sephiroth Deactivate
Tabbed Menu (2.0.2)
Adds tabbed menu to your index page.
Created by Jesse Labrocca Activate Uninstall
#2
What version of MyTabs had the security issue?
Random Fish and Sims Maniac
MY PLUGINS
Help MyBBSupport help you - remember to mark your threads as solved


#3
This is not the one with security issue I made sure of that.
#4
Where did you get the plugin "Extra Security Question"?
No longer involved in the MyBB project.
#5
I don't remember, but however it was disabled though.
#6
I suggest you analyze your access logs and see who, apart from you, accessed your forum ACP. They do have access to your database as the values were edited via the database so I highly recommend you change all of your passwords such as email, cPanel, FTP, MySQL, etc..

You should also check for any web shells which may have been uploaded. These are usually called 'shell.php' or 'c99.php' but can be practically anything. Compare the files in your hosting account to those from a fresh download of MyBB. Delete any suspicious files which you haven't uploaded.

I advise you then perform a File Verification (ACP > Tools & Maintenance > File Verification) to make sure the hacker hasn't modified any core files of MyBB.
No longer involved in the MyBB project.
#7
Are you using the latest version of Mybb?
#8
There was a file called snapy.php on the server however I removed it.
#9
you should grab the Advanced File Verification plugin from my site and use that along with the built-in File Verification. use AFV to find all non-standard files and then you can review them for suspicious files.

Once you clean up the site, use AFV to set a baseline. Then run it once and a while to see what has changed.
Lost interest, sold my sites, will browse here once in a while. It's been fun.
#10
he has got Janota plugins.


Forum Jump:


Users browsing this thread: 1 Guest(s)