Kayla

You know cerjamz? You think it's possible that he deleted a table in his database?

__________________

Drewish

no, i dont think he deleted a table in his database, hes not a complete idiot.

but I do think this whole argument and bashing surpass thing is really childish and pointless.

cerjamz

yes, i went into my own database and deleted the table WHILE I WAS ASLEEP!


drewish is an idiot, end of story.

and never got your email kayla, but got pw working via forgot password link. amazingly.

Kayla

When I reset that password it probably helped things along. Looks like like everything possible is working against this situation so far. I am glad you are able to reply to the ticket again now.

__________________

Elite

CPanel exploit?

You've got to be kidding me.

There was infact a remote access cPanel exploit a *while* back if I remember correctly, but considering Surpass always updates cPanel, I'm more than certain that couldn't have been it.

You're not running the latest version of vB (3.6.8 is newest).
3.6.4 suffers from SQL injection and Cross-site scripting. This might explain how your database got 'owned'. If you fell victim to either of these vulnerabilities, you are at fault, not Surpass.

Surpass does run Apache ModSecurity with quite a bit of rules added to it's configuration to help prevent a lot of common script exploitation from successfully being carried out. They've also got register_globals and allow_url_fopen disabled in their PHP configurations to prevent things like remote file inclusion.

Similarly, I lost a 200MB very large forum database a few years back because I had no backups. I know exactly how it feels.

Good luck getting your site back up and running.

cerjamz

i have to use dialup, hence why i cannot back it up as regularly as i'd like to. I leave it up to the staff, which the idiots havent done it for more than a week, it's not a big deal. Just pissed me off, and i'd have said it was a vbulletin exploit but all the cpanel logs had been wiped out.

Elite

Just because they got access to cPanel, doesn't mean you didn't get exploited via vB. You use similar usernames and passwords?

cerjamz

Nope, every user has its own pw and username. cpanel user and pw was random to anything ive ever used.

Elite

I bet if someone used the right exploit on vB, they could wipe the cPanel logs. Due to PHPSuExec, PHP should be ran as whatever your account name is (with privledges for anything under your account). All you need to do is obtain a shell (phpshell) and you can own the whole damn account.