vb.org Archive
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   vbulletin hacked (https://vborg.vbsupport.ru/showthread.php?t=187974)

RS25com 09-25-2008 08:15 PM
Interesting. Sounds like he is saying the script he used to exploit the site was already installed elsewhere on the server. Quite bummer.

For reference, I host with Hostgator (dedicated server) and after getting hacked a few times in the past (uploading the .txt shell script files) I had them install mod_security and use the same ruleset they use on their public hosting servers. So far I have not been exploited since. :)

Marco van Herwaarden 09-26-2008 08:04 AM
Quote:
i was have phpshell script on the server that ur site has hosted on . .

but i was user and it mean that i can only read files from other sites on the server
These 2 lines are the key in this whole conversation.

It simply means that your host has not secured the shared server you are on. Other customers of this host can read your files. As long as this is possible, nothing you do will stop someone:

Solutions:
- Contact your host and have them bring their security up2date.
- Change host!!!!

clasione 10-10-2008 01:37 AM
As far as I know this has nothing to do with plugins... This happened to two of my forums. I upgraded to the latest version and it just happened again... I host with Rackspace which went over my machine looking for vulnerabilties the first time this happened...

I think it is a whole in vbulletin.

Is there a way to lock the spacer_open table in the database to stop them from inserting their code?

--------------- Added [DATE]1223661876[/DATE] at [TIME]1223661876[/TIME] ---------------

this is a pretty decent size vulnerability... happened to me again...

hantousha 10-31-2008 01:00 AM
I am having the same problem with been hacked very often by placing a base64 code.. Have we found a fix. I changed hosters, did a cleaned install of 3.73PL1, and still been able to be hacked.

UKBusinessLive 10-31-2008 06:08 AM
Just to be extra safe guys make sure you Check your file/folder permissions.

FILE permissions shouldn't be higher than 644

FOLDER permissions shouldn't be higher than 755

:cool:


All times are GMT. The time now is 01:28 PM.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01117 seconds
  • Memory Usage 1,726KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (5)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete