Someone is trying to HACK my Foruns!

06-14-2007, 03:44 AM

Quote:

Originally Posted by Nick R

Didn't trigger any response on vista and I ran 3 direct scans with various virus scanners.

was someone saying how secure Vista is ? :p

yes.gif

this was a Backdoor.PHP.C99Shell.a virus

*thread edited

xpgo · 06-14-2007, 08:52 AM

Quote:

Originally Posted by Cube1233

xpgo ban him ban him

are you crazy?
i receive this error by email, telling there was a mysql error in this "vbsupport" hack.
That is a txt file, i don't know nothing about coding, that's why i posted here to see if someone could tell me if they could hack anything in my forum with this txt file....

Nick R · 06-14-2007, 02:09 PM

And why wasn't it a normal php file?

ps. I know vista does kind of sucks and isn't to secure, but you can't really attack it for being buggy ;)

xpgo · 06-15-2007, 08:31 AM

maybe ask the guy who tried to hack my board....
i'll remove my vbsupport add-on and advise you all to remove it as well if you have it installed..
thanks

Cube1233 · 06-18-2007, 12:14 PM

i managed to get the code

of the virus any ill tell you who tried to hack you

You must first be a registered member to view any code.

looks like it was a php hack in a txt file look what else i found

You must first be a registered member to view any code.

any one who clicked the link i advise you to delete ur cookies and put a master password on firefox

You must first be a registered member to view any code.

xpgo · 06-20-2007, 11:18 AM

what this code does exactly?? does it takes my foruns passwords? thank you for explaining me, because i don't know nothing about scripts and coding...
did they made anything bad to my foruns?
i've changed all passwords for security reasons...

Cube1233 · 06-20-2007, 01:09 PM

yeh it steals ur forums steals pw and username steals ur cookies steals ur ftp accesss still all ur master password stuff and loads more

sharrychrist · 07-09-2007, 11:52 AM

Hi, this post is very informative; however I would like some specific information. If someone can help me then please send me a private message. Best Regards,

Magnumutz · 07-09-2007, 12:37 PM

c99 shells are used to hack through several scripts that are chmoded to 777 in order to be run properly. Known vulnerable vBulletin scripts: vBShout 2.0 and 2.1, vBSupport.

Nick R · 07-09-2007, 01:49 PM

vb shout 2.0 isn't vulnerable. It doesn't use a flatfile.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Install System Part 2	Ken Iovino	Announcements	10	05-19-2005 11:40 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)