vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.7 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=228)
-   -   Miscellaneous Hacks - Cyb - Advanced Forum Rules (https://vborg.vbsupport.ru/showthread.php?t=177559)

RCKSTR 05-05-2011 12:25 AM

done, thank you!

How do I mass change all user titles? They all say "Hacked by Team Animus"

Suiram 05-05-2011 01:22 AM

Since this mod was quarantined and then restored (with the claim to have been fixed), does that mean someone here (vbulletin.org) went thru the code line by line to verify the fix and see if the rest of the code is safe? Someone very clever. Was it in fact the mod or something else? Is 4.0.3 safe?

Videx 05-05-2011 01:41 AM

Quote:

Originally Posted by Suiram (Post 2191987)
Is 4.0.3 safe?

Not really, since it's an older version. But whatever vulnerability they've recently discovered seems to be in a lot of different versions.

People found a possible exploit in this mod, but it is now fixed. If sites are still being hacked then the exploit probably lies elsewhere. Nevertheless, this mod has now become tainted and I've got it disabled for now.

BTW, if you've got vb4 you shouldn't have this version installed anyway as it's for vb3.7.

Alfa1 05-05-2011 01:46 AM

Several people report that their site was hacked after installing the latest version of AFR. However, it's unclear if this is related to this addon or not.

Suiram 05-05-2011 02:23 AM

Quote:

Originally Posted by Videx (Post 2191993)
Not really, since it's an older version. But whatever vulnerability they've recently discovered seems to be in a lot of different versions.

People found a possible exploit in this mod, but it is now fixed. If sites are still being hacked then the exploit probably lies elsewhere. Nevertheless, this mod has now become tainted and I've got it disabled for now.

BTW, if you've got vb4 you shouldn't have this version installed anyway as it's for vb3.7.

I think you misunderstood. The current version for this mod is 4.0.3. You are thinking about the forum.

I expect an official reply from someone on these forums. I'm more interested in a generic reply to what they do when they "restore" a mod. You would think they would inspect the code and approve it to be re-released. Is that what happens?

Suiram 05-05-2011 02:33 AM

Quote:

Originally Posted by Alfa1 (Post 2191994)
Several people report that their site was hacked after installing the latest version of AFR. However, it's unclear if this is related to this addon or not.

I've read this too. What's it mean exactly? How long after the update? Minutes? Hours?
And do they get hacked if they fix the breach and uninstall the mod?

Because this is the way I read their claims:
  1. their vb forum was using this mod @v4.0.2
  2. the forum was breached
  3. they read it may be the mod at fault
  4. they regain/clean their server/forums (one assumes!)
  5. they install the "fixed" 4.0.3 mod
  6. shortly after (minutes/hours?) they are hacked again
  7. they still blame the mod.

To them I say redo step 4 and then disable/uninstall the mod.
See if you get hacked again.
Yes? ==> Most likely not the mod.
No? ==> Hmmmmm.... ==> Enable/install the mod and now see.

(Unless their server is still compromised because it wasn't "cleaned" properly.)

Valter 05-05-2011 09:02 AM

v4.0.3 - May 04. 2011.
-Security bug fixed

To update:
-Import XML, allow overwrite


If your site has been hacked please check out this post:
http://www.vbulletin.com/forum/showt...15#post2154415

TaBsiCore 05-05-2011 09:40 AM

Quote:

Originally Posted by Langaleer (Post 2191900)
I installed the latest update, and now I'm "Hacked by Team Animus", so this is NOT fixed.

Is the bug now definitely fixed? Or did the second hack happen over the installed backdoor? The current situation is a bit confusing.

Valter 05-05-2011 09:45 AM

They have added some files, created a new user, ...

To properly remove hacking traces please check link posted above.

TaBsiCore 05-05-2011 09:47 AM

I wasn't hacked, the situation is only a bit confusing since other people report that they were hacked (again) even after they upgraded the addon.

