BoardMod Mirror - Pls. Help!!! Board Hacked, Everyone is banned!!!

(UTC)

Choose Language:

BoardMod Mirror › YaBB & BoardMod › General Board › Pls. Help!!! Board Hacked, Everyone is banned!!!

‹ Previous Topic | Next Topic ›

Page Index Toggle

Pages: 1

Hot Topic (More than 10 Replies)

Pls. Help!!! Board Hacked, Everyone is banned!!! (Read 5168 times)

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Pls. Help!!! Board Hacked, Everyone is banned!!! May 19^th, 2011 at 9:57am	Print Post
	Hi Guys, Pls. help, i am the admin of one board but it seems that everyone was banned including me, I checked the banlog.txt and it registers everyone who enters the site. Would you which file that I need to check or what I can do solve this?


	IP Logged

Administrator Forum Administrator Offline Yummm Posts: 7 Location: Modders Rile Joined: Oct 7^th, 2014 Gender:	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #1 - May 19^th, 2011 at 10:44am	Print Post
	First of all get a copy of your servers's access log. It can be used to track what the attacker actually did. That's the only way to determine if a security hole was used or if he just guessed your admin or ftp password. In order to unban everybody, simply remove everything within Variables/ban.txt

	The Administrator.
	WWW IP Logged

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #2 - May 19^th, 2011 at 12:32pm	Print Post
	i already did that, apparently the log updates itselft whenever a new user tries to log in. Would you know where I can check the code for this one? or something that I can replace with the default yabb file?


	IP Logged

Administrator Forum Administrator Offline Yummm Posts: 7 Location: Modders Rile Joined: Oct 7^th, 2014 Gender:	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #3 - May 19^th, 2011 at 12:41pm	Print Post
	In that case I'd be taking a look at the register2 subroutine in register.pl. Check the modification timestamps on your .pl files. That may help to identify which files were modified. The fact that the attacker modified files suggests he had access to your ftp account.

	The Administrator.
	WWW IP Logged

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #4 - May 19^th, 2011 at 1:26pm	Print Post
	i see. thanks for the suggestion, is there a manual way to unban? like which file do I need to modify?


	IP Logged

Administrator Forum Administrator Offline Yummm Posts: 7 Location: Modders Rile Joined: Oct 7^th, 2014 Gender:	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #5 - May 19^th, 2011 at 1:32pm	Print Post
	As I already mentioned, the only way to manually unban is to get rid of Variables/ban.txt

	The Administrator.
	WWW IP Logged

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #6 - May 19^th, 2011 at 2:26pm	Print Post
	Actually I already did, i even deleted the variables/ ban_log.txt but after a few mins another ban_log.txt gets created with the list of ip addresses that was banned. Would you know which file writes to the ban_log.txt?


	IP Logged

Administrator Forum Administrator Offline Yummm Posts: 7 Location: Modders Rile Joined: Oct 7^th, 2014 Gender:	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #7 - May 19^th, 2011 at 2:36pm	Print Post
	Deleting ban_log.txt won't help, as this is only a log file which tells you if someone was banned. The actual banning is happending in Sources/Security.pl, subroutines banning and check_banlist. They are called directly by YaBB.pl. Did you check if any source files were modified?

	The Administrator.
	WWW IP Logged

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #8 - May 19^th, 2011 at 2:46pm	Print Post
	Yes, non of them was modified. I also tried to replace them with the fresh one from download of YaBB 2.4 but still all of the users in the system including me still gets the Banning Notification Any files else that I can take a look at? I really appreciate all the help, hopefully I would be able to overcome this error from our site.


	IP Logged

Administrator Forum Administrator Offline Yummm Posts: 7 Location: Modders Rile Joined: Oct 7^th, 2014 Gender:	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #9 - May 19^th, 2011 at 2:57pm	Print Post
	Theoretically the guardian can also ban users. But usually trough the .htaccess file. What's the content of your ban.txt now?

	The Administrator.
	WWW IP Logged

raijuta New Member Offline I love YaBB 1G - SP1.2! Posts: 20 Joined: Jun 23^rd, 2007	Re: Pls. Help!!! Board Hacked, Everyone is banned!!! Reply #10 - May 20^th, 2011 at 8:08am	Print Post
	Hi Michael, thank you so much. Actually i dont have a ban.txt file in the variables folder, i can only see a ban_log.txt not sure if its the same file. I was able to enter finally, I edited the settings.pl to manually put the site in maintenance mode. I deleted the banned members in the settings.pl. After that I tried to enter and I was able to enter (not sure why),


	IP Logged

Page Index Toggle

Pages: 1

‹ Previous Topic | Next Topic ›

« Board Index ‹ Board Top

Top

BoardMod Mirror » Powered by YaBB 2.6.12!
YaBB Forum Software © 2000-2024. All Rights Reserved.

Valid XHTML

Valid CSS

Powered by Perl

Source Forge