Someone is getting accounts and changing the pass, I use the revcms basic version 1.9.9.9 without any new themes or addons. I have deleted the forgot exploit but it still happens. He has no access to the vps server or something, I already changed the pass. Nothing helped.
I have the IIS logs but still can't find something, where should I search for?
Last edited by DutchenL; 13-01-16 at 03:30 PM.
This could be anything from forgotten password exploit but from reading above you've removed this? So its possible your HK isn't safe and they can exploit it to rank themselves, try removing HK for a few house and see if he still ranks himself, if he doesn't then its obvs its the HK.
I've never used the hk and I already deleted this for monthsOriginally Posted by Robot
And I searched in the logs for 'ase' but couldn't find anything
Meh I couldn't help you then.
Maybe it's the badge.php in the /habbo-imaging/ folder?
- - - Updated - - -
I also found this, has something to do with the SWF:
2016-01-13 12:37:34 GET /r69/sh_lion.swf &counterparameter=4 80 - Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:43.0)+Gecko/20100101+Firefox/43.0 404 0 2 56
the '&counterparamater=4' looks suspicious, or not?
yeh, he prolly got dat new super flash hack program 1.0
Not funny..
Reply With Quote![Exploit [RevCMS]](http://ragezone.com/hyper728.png)