Yet you posted 10 posts in this topic already, all proving the point I made that you quoted.

If there is an equivalent thread on .com, PLEASE post a link to it! That sounds like a lot of fun to read. PERIOD.

Guys, please don't be mean spirited. While I agree the original poster is not being logical about solving the problem, provoking somebody who has been hacked is neither kind nor constructive.

Yes, because apparently based upon some of the recent threads around here the right to be mean spirited is reserved for staff only.

Amy, that sentiment is not pointed at anybody in particular but it's getting to be a pretty common sight lately that if a staff member makes a light-hearted comment then it's OK but if a mere mortal makes a similar comment or responds to the staff members comment then another staff member comes along to whack the mortal across the knuckles with a ruler.





{Kevin goes back to his cave, expecting to admonished yet again for daring to question the voice of authority.}

You get those too? I got one for quoting Jim Carey. I thought it was funny but apparently it wasnt.

There are only a few people in here that are kind enough to try and explain something to someone. You are here to piss people off and try and make someone look stupid. As I told you before and I will tell you again. It is not my server, it is vbulletin. Believe it or not, there are tons of exploits for every forum software. I simply asked for some assistance.

disable all your hacks. if that doesn't work, then it is a PICNIC problem. for sure.

lmao... vB is NOT by far the secureist(Spelling?) BB out there by far.

Any half wit cvan gain access to your admin/smod users with nothing less then a brute forcer.

Heres some suggestions for the OP

1) Make your mods+ have SECURE passwords. I can almost positively say yours don't. they most likely have silly dictionary words.

thats th eonly option I will give you. everyone else took the rest.

IE - Remove those permissions from your smods
- Demot the SMOD if it's the same account geting it.


This next one will sound silly. Are you SURE you paid for it? Me myself if I had an issue like this the FIRST thing I would do is talk to vb.com about it... not bring it here.. since they WOULD be the best avenue.

Also What web server do you run?

Apache?
lighttpd?

I forget any others that may be out there.. mainly because they suck. if it's apache then... get rid of it... There are a number of security hoels in apache, most have fixes out there but I doubt you would take the time to find them.

lighttpd is the most secure of them all.

I would also install things like "Base" they help you with server security.

Windows or *nix?

It is well known windows based servers have crap security in themselves. easy as pie to get into and gain control. This is why 80% of those with brains use *nix for web properties.

Can you tell me how you do this? As you cannot attempt a brute force on vB3/3.5/3.6 without having a sites strikes systems disabled, even if you get the md5 hash of a cookie you'd need to obtain the secondary salt used by the cookie hashing system to actually brute force the real password. So you tell me now how you brute force the password, and if you can do it, take a shot at mine, :)

Considering how well aged the apache base is, if there are still security exploits with the most recent versions, 1.3.36 2.0.58 and 2.2.2 please report them.

If you are going to spout FUD here, please take it else where, theres no mass difference between a windows and linux server preformance or security wise with a competant system administrator.

Edit: so if vB is not the most secure, what is?



Now to the original poster, if you _truely_ believe this is a fault of the core vBulletin software PLEASE! send in a support ticket with as much information you can give us and if possible be willing to provide us with access to your webservers logs and other access we may request.

There are _no_ known issues at this time with any of the vBulletin core packages, 2.3.9 3.0.14 3.5.4 and 3.6.0 beta 3, if you know of one please report it to vBulletin.com via the members area.

Um, people aren't saying it's your server. We're saying it's software you've installed on your server and we've told you repeatedly how to go about tracking down the problem. At this point, it seems you don't want help - you want to fight. If you wanted help, you would have gone to Jelsoft - the makers of the software you feel is flawed.

I'm closing this because you don't seem to want any actual advice and just want to call people names.

Do you have ANY evidence to prove it? Has Jelsoft commented on your issue? Is there a known bug that can be discussed here?

Based on what you've said in these forums, the answer is thus far NO.

There are thousands of sites running VB. To go into a public forum and claim that VB has a vulnerability that was actually exploited on your site several times in under one week is certainly ridiculous.

If you can't offer up a single shred of evidence that it was indeed VB and not any of the backdoors you have undoubtedly left open, don't expect much help from this community. We work with facts, not heresay.

seriously. sell me your vb license and move on.

That's a bit broad, don't you think? It'd be like my alternator going in my car, and saying that "It's the motor".

What part of vB do you think has/had the vulnerability? If I brute-force SSH to a box and scrap the database, I'm breaking vBulletin, but vBulletin is NOT the issue.

Without knowing what/where/how you were hacked, it's a bit short-sighted to point the finger at vB.

Why do they not research it and stop blaming it on other people. As you can see, I am not the only one who has had a problem such as this. Vbulletin needs to investigate the hole. ANd stop jumping down my throat.

See how disrespectful you people are? You swear by something that you have not even invesitaged. There was no brute force on the server. I do have the logs to prove that smarty. If I knew what part of vb they came in through I would not have came here to ask for help. I had used other forum software for a long time before switching to vb, then the day I switch, I get hacked. To me that is a little too circumstantial.

Again, you are making claims that you are backing up with ZERO information.

What do you want them to research? Should they just start looking through the hundreds of thousands of lines of code for a vulnerability that they had not previously found?

Post your WWW logs
Post your admincp logs
Post a screen shot of what they are actually doing to your site

Post SOMETHING or stop making baseless claims about the security of a good product!

Andromeda2875, I have already warned you once.