You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 troubleshooting → Almost all folders in forum deleted!
Seems my site has been hacked or something. Almost all folders in my forum are gone, only cache & calendar & img are left.
I'm using 1.2.11, and only the forum is affected. The database seems intact too.
Here is my frontpage:
http://www.princefams.com/index.php
This is the forum:
http://www.princefams.com/forum/index.php
I guess I should just upload the files and folder on my ftp again, but I'm concerned about why this happened.
I think you have been hacked i cant think of anyother reason!!you can change your ftp user name and pw in control panel but wait untill someone else also thinks you should!! I could be wrong but these folders just dont vanish!! Wow thats gotta suck!! I hope you had back ups!! But dont do anything till some one else confirms my thoughts!! It could screw up and you would have to start the forum over!! btw Check in ur phpmyadmin and see if the files are still there...
Changing the ftp password and username won't screw up anything. I think this is the first thing to do, before the hacker (if there is on) does it.
If the databse is intact, your lucky ! It's the only irrecoverable thing. You can always re-uplaod the files.
good Luck !
No i knew that changing the username and pass wont effect anything othr than you will have to edit the Config file!! but i was wanting to agree with me that if it were a hacker or not! But yes i highly suggest going to a google and find a password generator!! So the code will come out like 29381920 or something like that!! If you have fire fox i suggest using this!
https://addons.mozilla.org/extensions/m … php?id=135
Or maby your school id number! Just a suggestion!!
Thanks for the comments so far. I think there is no doubt I've been hacked, but it's strange that only the forum was affected. My Coppermine gallery and all html-files are still working fine.
No defacing on the front-page or other typical hacker-messages.
Strange thing 
Ok since you have a Cpanel i suggest you do these things! This is to see if all of your post ect ect are gone! or if they saved on sql are are still there
1. Click this link and login https://www.princefams.com:2083/ (This is your Control Pannel is perfectly safe)
2. Look for the img that says "MySQL Databases" below it(3rd line 3rd over!)
3. Look for phpMyAdmin and click it
4. Then find your Sql on the left in drop down menu!
5. If it is there click it and if alot of files come up YOUR IN LUCK AND YOU CAN GET YOUR FORUM BACK TO NORMAL!! WITH A LITTLE BIT OF WORK!!!
If the above files are there leave a message and i will tell you the rest!! but do not re-upload and try to re-install the punbb or all of your post and fourms and regeistered users will be gone
My Coppermine gallery and all html-files are still working fine.
No defacing on the front-page or other typical hacker-messages.
Strange thing
That what make me think it was a hacker!! !! Because they were trageting your forum and didnt care to delete the main root(/)
Yeah, I know how to use the panel and phpmyadmin.
I'm not worried about restoring this, cause that's gonna be pretty easy, but I wish I could understand how they got in.
I doubt it's a punbb-problem, cause the database would have been affected. Seems like I have an opening somewhere. Perhaps the attachment mod, since it gives the users write-access..
Mmm, worth looking into 
Yeah, I know how to use the panel and phpmyadmin.
I'm not worried about restoring this, cause that's gonna be pretty easy, but I wish I could understand how they got in.
I doubt it's a punbb-problem, cause the database would have been affected. Seems like I have an opening somewhere. Perhaps the attachment mod, since it gives the users write-access..
Yeah but doesnt it just upload on imageshack.us??
What it could be is!! Have you advertised your site!!.... (Just to let you know even if you did have an opening all it would take is a few bots from a CERTIAN program and your a gonner... Atleast with most forum softwares!!
Also another thing! People can use google to hacK!! i am not gonna say because if this gets out!! There will be a major problem!! Its all related to the cpannel!! Of course the cpanel is good but it can be a mess trouble with a few clicks. With a little typing and a click here and there your forum is gone! Thats why its allmost better not to submit your site to google so it shows up on searches!! I allready made the misstake and have been hacked 1ounce allready! I am not saying this is the way you got hacked but if you have submitted your site to google its a good chance!! But the good thing about c-panel hacking is you can bring it back! Unless the hacker is smart!
Here are the steps to get your forum back if the hacker hacked you the way i think they did!!
1. Loginto your Control Panel
2. Go to File Manager
3. Look on the right (You will see a trash folder)
4. Restore what you want... and there you go!!
If this didnt work i will try and think of another way!
Err, artic chill, stop trying to scare people 
Yeah but doesnt it just upload on imageshack.us??
No, the attachment mod uploads directly to the forum (but I doubt that's the issue if your folder was outside the web root and thus not publicly accessable: was it?)
Just to let you know even if you did have an opening all it would take is a few bots from a CERTIAN program and your a gonner... Atleast with most forum softwares
Untrue, the only case of that I can think of is the Santy worm for phpBB
Also another thing! People can use google to hacK!! i am not gonna say because if this gets out!! There will be a major problem!! Its all related to the cpannel!!
No they can't and no it isn't
"Google hacking" isn't hacking. It's using Google to find information that it useful for the purposes of hacking (like, say, all sites that have text from a logged in CPanel page). If CPanel was insecure enough that just by submitting your site to Google you'd get hacked, no one would use it
With a little typing and a click here and there your forum is gone! Thats why its allmost better not to submit your site to google so it shows up on searches!! I allready made the misstake and have been hacked 1ounce allready
Having your website in the search engines is part of getting traffic. It's not a "mistake" to do it if that's your aim. Plus, you'll get added eventually (unless you ban them via robots.txt). Getting indexed does not lead to getting hacked unless you do not stay on top of security patches
I am not saying this is the way you got hacked but if you have submitted your site to google its a good chance
No, it really isn't: the chances of CPanel being set up that poorly are low
I'd start by looking at Apache's access logs, seeing what if anything was run near the time it happened
The attachment mod folder was outside the root, yes.
I'm going to look at the access log a bit later, I'm at work now so my hands are a bit tied.
No they can't and no it isn't
"Google hacking" isn't hacking. It's using Google to find information that it useful for the purposes of hacking (like, say, all sites that have text from a logged in CPanel page).
True but this is a lead to hacking!! Because if you know what your doing and the user has a forum all you have to do is check Config.php... maby you dont know the way i knoe but it is possiable...
SORRY IF I SCARED ANYONE THERE A HUNDEREDS AND HUNDEREDS OF PAGES!!! THE LIKELY CHANCES OF SOMEONE FINDING YOUR WEBSITE ARE SLIM and if someone does you can get it back... So its a waste of time for the el hacker
If CPanel was insecure enough that just by submitting your site to Google you'd get hacked, no one would use it
Unforinntly the hacker was looking for my site!! (I was using phpbb at the time)... He had a grudge aginst me!! He used google and found a section of my cp!!
He grabed my config.php file and gets this information
$db_name = 'EXAMPLE;
$db_username = 'EXAMPLE';
$db_password = 'EXAMPLE';
Now there on the real cpannel and off they go deleting! Even that some times you are into the system and dont have to worry about things
No, it really isn't: the chances of CPanel being set up that poorly are low
Alltho the chances of this i do belive arnt there!! If your (Host or domain) (Not sure which give you cpanel) didnt wanna spring the money and get the Newest version or you got yours awhile back Or have a pirated version(Yes i dont understand how it works but yes its there)
"Google hacking" isn't hacking. It's using Google to find information that it useful for the purposes of hacking
Yes in most cases this is true(If you Cach the document)!! But in some cases you are logged in straight to the cpanel... If you give me your aim or msn i can give you a small example of what i am talking about!....
This isnt the place to talk about it!! Lets get back on topic and help Endre get the forums back up in running this is TroubleShooting not hacking school!!!
True but this is a lead to hacking!! Because if you know what your doing and the user has a forum all you have to do is check Config.php
You can't view config.php from the web
Unforinntly the hacker was looking for my site!! (I was using phpbb at the time)... He had a grudge aginst me!! He used google and found a section of my cp!!
Sounds like an insecure setup on your part, not something bad with Google or the forum software (although it could have been something in phpBB)
Alltho the chances of this i do belive arnt there!! If your (Host or domain) (Not sure which give you cpanel) didnt wanna spring the money and get the Newest version or you got yours awhile back Or have a pirated version(Yes i dont understand how it works but yes its there)
You shouldn't be hosting with a host that has a pirated/old version of CPanel: if they don't take security seriously enough, why trust them with your data?
Yes in most cases this is true(If you Cach the document)!! But in some cases you are logged in straight to the cpanel... If you give me your aim or msn i can give you a small example of what i am talking about!....
I don't need an example, I know about Google hacking: the point being that if everyone is doing what they're supposed to be doing (you and your host are keeping up to date) there should be no issue. And if your host isn't, then why are you hosting with them?
I am gonna ingore your post because we need to help Endre before we fight!! (expect one thing!)
You shouldn't be hosting with a host that has a pirated/old version of CPanel: if they don't take security seriously enough, why trust them with your data?
These were my reasons
1. Because my dad is a wife beater type of guy
2. No money
3. It was run mostly by my freinds
4. My dad is the biggest jack rass around( In the way as # 1 and yes i ment to say rass )
5. A guy helped me move out so i bought him a domain(With some other things!)
6. I didnt think the site was gonna last
7. I was new to the hole thing and i didnt know what i was doing
8. I had bought a year and didnt want to cancle 2 months in
9. My friend would have been mad when suddenly his site shut down
10. I didnt have the time to search around and acctually find the best at the cheapest price when i bought it!
Ok my suggestion...(I am sure that Smartys is gonna come back with a defence... Which i want to make sure i dont have an error)
1. Reupload missing files and see what happens!(If you have a back up UPLOAD IT NOW)
2 and 3 and maby 4 will be coming depending on what happens from there! Be sure to make a backup now just incase the sql messes up(or some other phyco thing happens!! The worst thing you can do to a hacker is have the site he hacked come back and do better!! SO i want you to do that!
BE SURE NOT TO ACCTUALLY INSTALL THE FORUMS YET!!!
I got everything back up and running with only half an hours work, just had to find the correct files in my backup and upload via ftp.
I've got my webhost trying to find the culprit, and I'll report back when and if I get any definite answers on the method used.
Thanks for the help and feedback.
PunBB Forums → PunBB 1.2 troubleshooting → Almost all folders in forum deleted!
Powered by PunBB, supported by Informer Technologies, Inc.