News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

I think my site was hacked!!!!!!!!

Started by nvcnvn, April 02, 2011, 10:08:54 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

nvcnvn

April 02, 2011, 10:08:54 AM
To day, just access my forum and see it in maintain MOD (i'm the only admin off this forum)


and I see in my Settings.php, at the last row


$upgradeData = "YTo5Ont.......................................pbiI7aToxO30=";


wich is the base64 encode of a serialize string.


a:9:{s:2:"id";s:1:"1";s:4:"name";s:6:"myusername";s:4:"pass";i:55555;s:7:"started";i:1297650436;s:7:"updated";i:1297650550;s:7:"version";s:7:"2.0 RC3";s:4:"step";i:4;s:7:"substep";s:1:"0";s:4:"main";i:1;}
[/size]
[/size]so!?....help me :D

redone

#1
April 02, 2011, 10:45:14 AM
Version of SMF? Mods installed? Potentially you are running rc3 which you should of updated a while ago.

~RedOne

nvcnvn

#2
April 02, 2011, 10:56:28 AM
I remember that I have install the SMF 2.0 RC4 Security Patch, so I think I was using RC4.
1.    YouTube BBCode    2.6    [ Uninstall ] [ List Files ] [ Delete ]
2.    Pretty URLs    1.0RC5    [ Uninstall ] [ List Files ] [ Delete ]
3.    Global Headers Footers    2.0

Is my mod!

Is there any way my forum auto run the upgrade or some thing else???

Illori

#3
April 02, 2011, 11:12:59 AM
can you ask your host if there have been any security issues on your server recently? it is possible another site was hacked and with improper security your site got hacked as well. do you run any other php apps on your server?

redone

#4
April 02, 2011, 11:26:29 AM
I would begin with updating to the current version of SMF for a start. Hopefully your host can shed some light on the issue for you.

~RedOne

nvcnvn

#5
April 02, 2011, 11:31:11 AM
yeap.

for now , all of my forum is RC5

my hosting include many many other app!
But I'm considering that did i was hack!? Why he just upgrade my forum!? Or I just upgrade my forum when I was hypnotized????

Illori

#6
April 02, 2011, 11:33:00 AM
the other php apps could have security issues that would give someone access to hack your smf install as well as others on your server.

CapadY

#7
April 02, 2011, 04:23:19 PM
Quote from: RedOne on April 02, 2011, 11:26:29 AM
I would begin with updating to the current version of SMF for a start. Hopefully your host can shed some light on the issue for you.

~RedOne

He is running RC4 WITH security patch, so an upgrade isn't neccesary.
Please, don't PM me for support unless invited.
If you don't understand this, you will be blacklisted.

twig/al

#8
April 02, 2011, 04:40:52 PM
If your update or install folder is still on the server that maybe how they got in. Just delete them and change you username and password. Just a suggestion from a semi newbie.

nvcnvn

#9
April 03, 2011, 05:45:59 AM
I still do not now how is it going on....but thanks all of you :D
Print
Go Up Pages1
User actions
Advertisement: