Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 03 Dec 2013, 04:34
Justinphx Justinphx is offline
 
Join Date: Jan 2012
Suggestion to block a possible hack?

Last night my server/vbull was hacked I believe.

The following files had redirects in them to forum/install/install.php.

===
/forum/readme.txt
/forum/includes/init.php
/forum/includes/class_core.php
/forum/includes/class_core.php.bak
/forum/admincpsecure/diagnostic.php
/forum/admincpsecure/global.php
/forum/class_core.bkU
/forum/vb4_readme.html
/forum/vb4_readme.txt
/forum/forum.php

I do not have a /install directory as it was deleted/removed some time ago. However, a hidden directory was suddenly there last night - it did not have any files in it though so all the redirects were going to the non-existent install.php file which resulted in a 404 - file not found - error.

This was a real mess and I ended up restoring a full backup. After that all was fine and the hidden /install directory was no longer present.

I am running V4.1.12 patch 4 and wondering if this is a known issue and it there is a patch. I password protected the /install directory using .htaccess.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 02:42.

Layout Options | Width: Wide Color: