Hi, recently my forum has acquired a new stylist. Is it possible a keylogger could be implemented into styles on a vBulletin 4.2.2 Forum? If so, how do I detect if one has been added?

Thanks.

Who installed the style and where was it downloaded from

Nah, no one from vBulletin org installed it, they actually manually added it by the admin cp (using style manager) because they offered their work. They work for another forum and I like what I saw, I even had the m prove they were on that forum's moderation team AND style team, so I'm guessing they're trusted.

How do I detect a keylogger, though? Where do I look in styles/templates to see if there's a keylogger in a style?

What makes you think there is one and why you think it's in the style. If you have been hacked I would look in plugin manager

This user does not have access to plugins/products. They only have Styles/Templates option in the AdminCP.

What I'm asking though is if it's possible to put a keylogger in a generated style via Style Manager alone, and if yes then how to detect one?

No idea am sure someone can answer that question better, but something must of happened to make you think this has happened

Well, they definitely could load javascript from another site, and that could be used to trick the user into doing things they think they're doing on your site. I'm not sure it's possible to make a keylogger in javascript, but it probably wouldn't be too hard to trick a user into entering their password though, if that's what you're worried about (in fact that could probably be done just by loading html).

You'd really need someone who knows styles to look it over. But you could start by using "Search in Templates" to search that style for '<script ' (without the quotes). But again you'd need to know something about javascript to know if anything found belongs there or not. Seeing the url of another site anywhere in the code would be one red flag. You could also try searching for '<iframe '. There probably shouldn't be any of those, but again you'd have to know what to look for.

It's fairly easy to make a keylogger in JavaScript, doesn't require in-depth knowledge of JavaScript.
Like kh99 said, search for script and iframe tags in your theme.

Hi, recently my forum has acquired a new stylist. Is it possible a keylogger could be implemented into styles on a vBulletin 4.2.2 Forum? If so, how do I detect if one has been added?

Thanks.

Talk with Dave (who posted above) he would be the one to help you.

It's fairly easy to make a keylogger in JavaScript, doesn't require in-depth knowledge of JavaScript.
Like kh99 said, search for script and iframe tags in your theme.

lol, yeah, I just googled it out of curiosity and it is pretty simple.

Personally I'd look in portions of the new style that are 'always loaded' on every page or at least portions that are loaded and implemented in the login portion. It's been awhile since I've worked with styles, but honestly it's pretty easy to create a XSS Keylogger wil Vbulletin.

Search in your templates for anything such as the following:

document.onkeypress = function

You may have better luck with just

document.onkeypress =

I have more that you could potentially look for, but by putting it up here, I risk distributing the knowledge of how to create a fairly troublesome keylogger.