Hello fello vBTEAM members,
Yesterday my vBulletin Forum was Hacked and every time you visited my url you got re-directed to the Hackers Site ...
To start with i was a bit worried that i had lost it all, but after logging into FTP i found everything still in place and ok, It was a this stage i realised this is just a simple re-direct hack and not to worry too much.
After the Hacker was so nice to leave his contact details i decided to contact him and ask him to fix it, which he could not ?! noob, lol
I then put 2 & 2 together and realised this might be a SQL Injection, So i ran my Backed Up SQL Database from the 01/06/09 against the new (Hacked) one 02/06/09 and found this hiding in there ...
I then traced it back to the Admincp ... vBulletin Options ... Site Name / URL / Contact Details ... Homepage Name,
Changed it back to my Homepage Name & bingo, No more re-direct !
So if this happens to you, Dont worry, I have already done all the hard work, lol, Just go to Admincp (Which is still accessible & dont re-direct) and change the setting above.
P.S ... K3Vs Final Thought ...
"He who laughs last prolly has backup !"
Yesterday my vBulletin Forum was Hacked and every time you visited my url you got re-directed to the Hackers Site ...
Code:
http://tradas2.t35.com/images/index.html
To start with i was a bit worried that i had lost it all, but after logging into FTP i found everything still in place and ok, It was a this stage i realised this is just a simple re-direct hack and not to worry too much.
After the Hacker was so nice to leave his contact details i decided to contact him and ask him to fix it, which he could not ?! noob, lol
I then put 2 & 2 together and realised this might be a SQL Injection, So i ran my Backed Up SQL Database from the 01/06/09 against the new (Hacked) one 02/06/09 and found this hiding in there ...
Code:
<meta http-equiv="refresh" content="2;url=http://tradas2.t35.com/images/index.html">
I then traced it back to the Admincp ... vBulletin Options ... Site Name / URL / Contact Details ... Homepage Name,
Changed it back to my Homepage Name & bingo, No more re-direct !
So if this happens to you, Dont worry, I have already done all the hard work, lol, Just go to Admincp (Which is still accessible & dont re-direct) and change the setting above.
P.S ... K3Vs Final Thought ...
"He who laughs last prolly has backup !"