Check If Your Forum Was Hacked
Mod Version: 1.00, by SEOvB
| vB Version: 4.x.x | Rating:  (4 votes - 2.50 average) |
Installs: 30 |
| Released: 05 Nov 2013 | Last Update: Never | Downloads: 197 |
 Not Supported
 Additional Files
|
||
//////////////////////////////////
// This Script is Brought To You By: http://seovb.com
//////////////////////////////////
As most of us know, a vulnerability in the install directory was recently found in vBulletin. Due to this vulnerability, thousands of vBulletin-powered sites got hacked; hackers managed to gain access to the AdminCP to inject malicious content.
When a forum is first hacked, hackers create admin accounts for themselves, and that's actually the time where cleanup is most required, to fence off the hackers and enhance security. But, majority of forum owners don't even know they actually got hacked until Google puts a veil on their forum with malware warning page.
At that point, removing the install directory, the main point of entry for hackers, won't help because the forum has already been compromised, and a more thorough checkup is needed to ensure that no malicious code has been injected.
- What This Script Does ?
This script will scan forum templates, plugins, phrases, announcements and forum titles and descriptions to detect potential and confirmed malicious code. It will give you the information you need to determine whether or not your forum has been hacked, and a recommendation on what action to take next.
- Demo Link
You can view a live demo of the script http://demo.seovb.com/SEOvB_Hack_Checker.php.
- How to Upload:
Upload SEOvB_Hack_Checker.php in root of forum files on server (Within public_html if forum is installed on root, upload in any other directory if forum is installed on /public_html/exampledirectory)
- How to Access the Script:
Point your browser's address bar to open http://www.YOURFORUMURL.com/forum/SEOvB_Hack_Checker.php (Case sensitive and suppose if forum is installed into /forum/ directory on server.)
- New Templates
None.
- Database Changes
None.
- Setup Instructions
No setup is needed.
- What does it do?
It tests for potential and confirmed malicious code in certain sections of your forum database, and it arranges the test results in an easy-to-read table.
If you receive a 'Warning' message, it means that the script detects some code or recent change to your forum that may be cause for concern, but isn't for certain a hack. The script scans for changes made within the last 3 months, so if you have made many changes to your forum skin or mod assortment within the past 3 months, there may be some false positives.
You can review the extra information in the test results section to determine whether or not your forum needs further cleaning. However, even with just one 'Warning', we highly recommend a full investigation and cleanup process to make sure that your forum is safe.
If you receive a 'Hacked' message, it means that your forum has definitely been compromised, and a thorough cleanup needs to be performed ASAP.
If you receive only 'All Clear' messages, it means that your forum has not been hacked.
- Requirements
Should work on all vBulletin versions of 4.x.x
- Uninstall Instructions
Delete SEOvB_Hack_Checker.php file from root of forum files.
- FAQs
- After I remove malicious items from my forum, what this script will do ?
It will say 'All Clear' for the cleared items.
- Some of the items are coming with 'All Clear' except 1, what does it mean ?
Your forum may require cleanup.
- Will it tell me which items are containing warning ?
Yes, it will. It will let you know, if templates are infected, with the template name and last modified by whom.
// This Script is Brought To You By: http://seovb.com
//////////////////////////////////
As most of us know, a vulnerability in the install directory was recently found in vBulletin. Due to this vulnerability, thousands of vBulletin-powered sites got hacked; hackers managed to gain access to the AdminCP to inject malicious content.
When a forum is first hacked, hackers create admin accounts for themselves, and that's actually the time where cleanup is most required, to fence off the hackers and enhance security. But, majority of forum owners don't even know they actually got hacked until Google puts a veil on their forum with malware warning page.
At that point, removing the install directory, the main point of entry for hackers, won't help because the forum has already been compromised, and a more thorough checkup is needed to ensure that no malicious code has been injected.
- What This Script Does ?
This script will scan forum templates, plugins, phrases, announcements and forum titles and descriptions to detect potential and confirmed malicious code. It will give you the information you need to determine whether or not your forum has been hacked, and a recommendation on what action to take next.
- Demo Link
You can view a live demo of the script http://demo.seovb.com/SEOvB_Hack_Checker.php.
- How to Upload:
Upload SEOvB_Hack_Checker.php in root of forum files on server (Within public_html if forum is installed on root, upload in any other directory if forum is installed on /public_html/exampledirectory)
- How to Access the Script:
Point your browser's address bar to open http://www.YOURFORUMURL.com/forum/SEOvB_Hack_Checker.php (Case sensitive and suppose if forum is installed into /forum/ directory on server.)
- New Templates
None.
- Database Changes
None.
- Setup Instructions
No setup is needed.
- What does it do?
It tests for potential and confirmed malicious code in certain sections of your forum database, and it arranges the test results in an easy-to-read table.
If you receive a 'Warning' message, it means that the script detects some code or recent change to your forum that may be cause for concern, but isn't for certain a hack. The script scans for changes made within the last 3 months, so if you have made many changes to your forum skin or mod assortment within the past 3 months, there may be some false positives.
You can review the extra information in the test results section to determine whether or not your forum needs further cleaning. However, even with just one 'Warning', we highly recommend a full investigation and cleanup process to make sure that your forum is safe.
If you receive a 'Hacked' message, it means that your forum has definitely been compromised, and a thorough cleanup needs to be performed ASAP.
If you receive only 'All Clear' messages, it means that your forum has not been hacked.
- Requirements
Should work on all vBulletin versions of 4.x.x
- Uninstall Instructions
Delete SEOvB_Hack_Checker.php file from root of forum files.
- FAQs
- After I remove malicious items from my forum, what this script will do ?
It will say 'All Clear' for the cleared items.
- Some of the items are coming with 'All Clear' except 1, what does it mean ?
Your forum may require cleanup.
- Will it tell me which items are containing warning ?
Yes, it will. It will let you know, if templates are infected, with the template name and last modified by whom.
Download
SEOvB_Hack_Checker.php (6.2 KB, 203 downloads)
Screenshots
