REGISTER or LOGIN to have the annoying ads removed.
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[email protected] - Joined made himself an admin
#21
haha, awesome. Can't wait when it comes out Big Grin
Reply
#22
Same advice as everybody else has been given, once you've deleted the admin account, make sure there's no files that shouldn't be there in your ./cache/themes/ folder, and I'd also reupload all the files from the 1.4.8 package.
Reply
#23
If it deletes stuff, your FTP client is setup wrong. It only adds files and updates/replaces ones, it shouldn't delete anything.

If I have 50 files in my ./inc/plugins/ folder, and upload the default MyBB package on top of it, which only includes the hello.php, it won't delete anything else in the folder.
Reply
#24
A better question is why you haven't updated in 3 weeks to fix the exploit. WTF
Reply
#25
Ok. here are some simple steps for you to follow:

1. GET ON THE MAILING LIST!!!! I made the same mistake as you by not checking my updates simply because I assumed someone else would do the job. You should get on the mybb mailing list so that when a new version of mybb comes out you'll know by email to update all of your mybb forums. GET ON THIS LIST NOW!!!

http://www.mybboard.net/mailing-list

2. Check your administrator logs and look what that user account did while in admin (AdminCP -> Tools And Maintanence -> Administrator Log) and look what he did and undo it. Most likely, if it's this hacker, he most likely only changed the index page and uploaded a backdoor in the cache directory. It's been mentioned in this thread before, delete it ASAP.

3. Follow the guidelines in this thread to improve your website's security:

http://community.mybboard.net/thread-44977.html

4. DON'T LET THIS GO UN-REPORTED!!! A common mistake people do is they DON'T report incidents like this, which, unfortunately, allows malicious hackers to remain anonymous on the web with very little information, if any at all, about them. This particular hacker I have setup a blog again, you may visit it here: http://www.psinetic.org/nobodycoder

Be sure you report any hacking incidents to the correct people as soon as they happen and include all the details you can, this is what helps with security updates to protect you and others like you from having the same attack again.

5. Use your brain, learn how your forum and site operates and what should be locked up and what shouldn't. If you don't know how your beast behaves, how are you supposed to operate it?

6. Like Labrocca said so eliquently (lmao XD), UPDATE!!!!! http://www.mybboard.net/download/latest

that should help you out.

-Psinetic
Reply
#26
(Jul 07, 2009, 02:43 PM)RPG2 Wrote: Becuase I didn't check there was an update.

If it's been 3 weeks, the version check in your ACP would have come up, it comes up every 2 weeks... don't say you ignore that when it comes up...
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  How to change Posts/Threads/Joined time? Anime 2 2,232 Dec 13, 2014, 09:47 AM
Last Post: Anime
  How to modify or delete all forums post from admin panel. rajeevrrs 1 1,627 Nov 26, 2014, 06:44 AM
Last Post: Nasyr
  inc/languages/englishgb/admin/style_editorthemes.lang.php does not exist PianoMike 2 1,491 Aug 29, 2013, 07:14 PM
Last Post: mathewscott
  How do I get my admin account back if I accidently delete it? xarzu 1 1,374 Aug 25, 2013, 06:01 AM
Last Post: teluguresearcher
  Admin Control Panel isn't working. no1dead 1 1,026 Jun 25, 2012, 02:52 PM
Last Post: Oliver Evans

Forum Jump:


Users browsing this thread: 1 Guest(s)