SERVERD hacked KWA VBET!

**PabloAM** · 25-06-10, 17:33

Server yangu alikuwa hacked kwa sababu nina VBET.

Huyu ni kidokezo inatuhakikishia IT:

27,888 mizizi 1 0 18:26? Ss 0:00 / usr / sbin / Exim-Mc 1OSBjj-0007Cf-4S SERVER_SIGNATURE = <address> Apache/2.2.14 (Unix) mod_ssl/2.2.14 mod_auth_passthrough/2.1 mod_bwlimited/1.4 OpenSSL/0.9.8e-fips-rhel5 FrontPage/5.0.2.2635 Server at www com **** Port 80 </ anwani>? UNIQUE_ID = TCTYtbylwV0AAEFiMjYAAABQ HTTP_USER_AGENT = Wget/1.10.2 (Red Hat iliyopita) SERVER_PORT = 80 HTTP_HOST = www com **** DOCUMENT_ROOT = / home/w11s0s3r/public_html SCRIPT_FILENAME = / home/w11s0s3r/public_html/vbenterprisetranslator_seo.php REQUEST_URI = / archive / index.php/f-23.html SCRIPT_NAME = / vbenterprisetranslator_seo.php HTTP_CONNECTION = Keep-Alive REMOTE_PORT = 41,741 PATH = / bin: / usr / bin Walemavu = / home/w11s0s3r/public_html SERVER_ADMIN = webmaster **** com REDIRECT_UNIQUE_ID = TCTYtbylwV0AAEFiMjYAAABQ REDIRECT_STATUS = 200 HTTP_ACCEPT =* / * REMOTE_ADDR = 72.55.191.104 SHLVL = 1 SERVER_NAME = www com *** HTTP_PRAGMA = hakuna cache SERVER_SOFTWARE = Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e -FIPS-mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 rhel5 QUERY_STRING = SERVER_ADDR = 188.165.193.93 GATEWAY_INTERFACE = CGI/1.1 SERVER_PROTOCOL = HTTP/1.0 REDIRECT_URL = / archive/index.php/f-23.html REQUEST_METHOD = KICHWA _ = / usr / sbin / sendmail
27,996 27,888 w11s0s3r 1 18:26? D 0:00 / usr / sbin / Exim-Mc 1OSBjj-0007Cf-4S SERVER_SIGNATURE = <address> Apache/2.2.14 (Unix) mod_ssl/2.2.14 mod_auth_passthrough/2.1 mod_bwlimited/1.4 OpenSSL/0.9.8e-fips-rhel5 FrontPage/5.0.2.2635 Server at www com *** Port 80 </ anwani>? UNIQUE_ID = TCTYtbylwV0AAEFiMjYAAABQ HTTP_USER_AGENT = Wget/1.10.2 (Red Hat iliyopita) SERVER_PORT = 80 HTTP_HOST = www com **** DOCUMENT_ROOT = / home/w11s0s3r/public_html SCRIPT_FILENAME = / home/w11s0s3r/public_html/vbenterprisetranslato ^ C

Siwezi Sakinusha VBET!
Tafadhali nisaidie server yangu ni kutuma mengi ya Spam barua pepe!
Ni kuwa kupasuka!

HELP Michał Podbielski!

**vBET** · 25-06-10, 18:13

Mimi kuchambua ujumbe wako katika wakati huu.

Wakati huo huo tafadhali kwa nini hawawezi kufanya dissable / uninstal vBET? Ni nini kinachotokea?

**vBET** · 25-06-10, 18:16

Je, unaweza tafadhali kueleza kwa nini ni wewe kufikiri kwamba ni vBET kosa? Mimi si kuona.

Pia - je kupatikana ambayo code ni kutuma barua pepe wale Spam?

Siwezi kuona jukwaa yako - vbenterprisetranslator_seo.php yaliondolewa na. htacces sheria bado akionyesha faili hii. Admin CP ni kazi kama mimi kuona.

**PabloAM** · 25-06-10, 18:22

Yeye ni kutumia vbenterprisetranslator_seo.php kuingiza XSRIPT yake na tovuti yangu.

Wakati mimi kujaribu unistall bidhaa, na kufuta vbenterprisetranslator_seo.php kutoka server yangu mtandao wangu i dont kazi kwa sababu mahitaji "vbenterprisetranslator_seo.php" katika FTP: S

Jinsi gani naweza unistall "ALL" VBET?

Shukrani kwa ajili ya kujibu

UPDATE:
Nina kosa unistalling VBET:
http://img822.imageshack.us/img822/2...nistalling.jpg
http://img337.imageshack.us/img337/4...istalling2.jpg

**vBET** · 25-06-10, 18:34

Kama nilivyoandika bado una htaccess sheria akizungumzia. vbenterprisetranslator_seo.php - Tu maoni hayo.

Pia huna kufuta vBET - ni wa kutosha tu afya yake. Hasa kwamba mimi bado hawaoni ni kwa nini unafikiri kwamba ni suala vBET na inawezekana kwamba si.

Tafadhali kueleza jinsi ujumbe wako kwanza kuamua kuwa mtu fulani ni kutumia vbenterprisetranslator_seo.php kuingiza XSCRIPTs ambayo ni kuandika juu. Tafadhali kumbuka kuwa vbenterprisetranslator_seo.php hana lolote mantiki muhimu - ni tu Front Mdhibiti. Wote maombi ya jukwaa yako ni kwenda kwa faili hili kisha baada ya hayo vbseo.php ni kutumika. Hivyo kama wewe kuondoa vBET sheria, utaona magogo yote akizungumzia vbseo.php ambayo maana kwamba vbseo.php ina jukumu la shambulio hilo.

Basi wakati huu nadhani kumbukumbu yako ya kusoma makosa na kwamba vbenterprisetranslator_seo.php si kuwajibika kwa shambulio hilo. Naweza kuwa mbaya, lakini kama wewe ni uhakika, basi tafadhali kueleza jinsi ni kufanyika (hii insertion XSCRIPT na vbenterprisetranslator_seo.php) - Sisi kuchanganua.

Tafadhali kumbuka - ni kwa maslahi yetu bora ya kuweka wateja wetu salama. Hivyo tutafanya juhudi zetu bora ya kutatua suala Kama ni unasababishwa na vBET. Kwa usalama wako mwenyewe - tafadhali kueleza kwa nini hasa unafikiri kwamba ni kufanyika kwa vBET. Vinginevyo kama wewe ni makosa - nini mimi kutarajia, kwa sababu watu wengi wanafikiri kwamba kila kitu kinafanyika na vbenterprisetranslator_seo.php - Ambayo mabadiliko tu server vigezo na haina chochote zaidi, lakini maombi yote kwenda kwa hilo, hivyo watu kupata hisia mbaya - hivyo kama wewe ni makosa, basi utakuwa tu huru zote vBET yako cache na mazingira na utakuwa bado kuwa kushambuliwa, kwa sababu wewe Je, kitu kibaya (bado ushauri kwa afya vBET si kufuta).

Hivyo tafadhali kueleza kwa nini thinging kwamba vBET kuruhusiwa kwa shambulizi hili. Mpaka sasa uliandika tu kufikiri ni nini, lakini hakuna neno hufanya nini unafikiri kwamba.

**vBET** · 25-06-10, 18:53

Originally Posted by PabloAM

Nina kosa unistalling VBET:
http://img822.imageshack.us/img822/2...nistalling.jpg
http://img337.imageshack.us/img337/4...istalling2.jpg

Kuhusu jambo la kwanza - nami heck yake.
Kuhusu 2 - wewe tu haja ya kuondoa kutoka mafaili server vBET. Hasa / Inajumuisha / xml / cpnav_vbenterprisetranslator.xml - Hii moja amefafanua vBET orodha.

**mario06** · 25-06-10, 18:56

Originally Posted by PabloAM

Yeye ni kutumia vbenterprisetranslator_seo.php kuingiza XSRIPT yake na tovuti yangu.

Wakati mimi kujaribu unistall bidhaa, na kufuta vbenterprisetranslator_seo.php kutoka server yangu mtandao wangu i dont kazi kwa sababu mahitaji "vbenterprisetranslator_seo.php" katika FTP: S

Jinsi gani naweza unistall "ALL" VBET?

Shukrani kwa ajili ya kujibu

UPDATE:
Nina kosa unistalling VBET:
http://img822.imageshack.us/img822/2...nistalling.jpg
http://img337.imageshack.us/img337/4...istalling2.jpg

Reinstall basi kujaribu uninstalling tena, basi manually futa zote vbet files uploaded katika utaratibu huu:

1. reinstall
2. kufuta
3. manually futa zote vbet uploaded files

PS. Michael, hii ni lazima kuangaliwa kwa undani zaidi kwa sababu nataka kulala salama usiku.

**vBET** · 25-06-10, 18:57

Kwa jambo la kwanza - ni ndogo vBET mdudu. Mimi tayari kupatikana ufumbuzi - itakuwa ni pamoja na katika taarifa yake ya pili. Kwa ajili ya kurekebisha haraka:
1. wazi vBET faili bidhaa: do-not-upload/product-vbenterprisetranslator.xml
2. Find:

Code:

$vbulletin->db->query_write('DROP TABLE ' . TABLE_PREFIX . 'vbenterprisetranslator_cache_'.$code.);

3. Nafasi na:

Code:

$vbulletin->db->query_write('DROP TABLE ' . TABLE_PREFIX . 'vbenterprisetranslator_cache_'.$code);

4. Kuagiza bidhaa faili tena
5. Sakinusha tena

Tafadhali kuondoa files vBET baada ya hapo. Kama kuondolewa tayari - tafadhali upload ni.

**vBET** · 25-06-10, 19:10

Originally Posted by mario06

PS. Michael, hii ni lazima kuangaliwa kwa undani zaidi kwa sababu nataka kulala salama usiku.

Tafadhali angalia hapa na jibu kwa swali: http://www.vbenterprisetranslator.co....html # post3545

**vBET** · 05-07-10, 07:11

Hakuna majibu. Katika hali kama kitu anasema kuwa ni kosa na faili vBET ambayo aliitwa na hatia haina mantiki kwa ajili ya kizazi ukurasa hivyo insertion ya scripts haielekei hapo - ni haki mbele ya mtawala.

Suala la kufungwa.

Kiafrikana	Kialbeni	Kiarabu	Kibelarusi
Bulgarian	Kikatalani	Kichina	Kikroeshia
Czech	Denmark	Kiholanzi	Kiingereza
Kiestonia	Filipino	Kifini	Kifaransa
Galician	Kijerumani	Kigiriki	Haitian Creole
Kiyahudi	Hindi	Hungarian	Kiaislandi
Indonesian	Ireland	Italian	Kijapani
Kikorea	Latvian	Kilithuania	Kimasedonia
Malay	Maltese	Norwegian	Kiajemi
Polish	Kireno	Kiromania	Russian
Serbia	Kislovakia	Kislovenia	Kihispania
Swahili	Swedish	Taiwanese	Thai
Kituruki	Ukrainian	Kivietinamu	Welsh
Yiddish

Kupata na sisi!

Thread: SERVERD hacked KWA VBET!

Thread Tools

Kuonyesha

SERVERD hacked KWA VBET!

Tags kwa Thread hii

Posting ruhusa