Hacked by Team Animus?

Please read this thread:
https://vborg.vbsupport.ru/showthread.php?t=263202

you may have been the last to fix your site lol. blown over by now i hope. they all hit 24 hours ago. 10 hours of that was fixing all my forums because of your mod. i guess its install at own risk but still, should this hack be in the grave yard or will an update be released?

edit: opps sorry just sen the update, will wait for feed back thanks.

Bug has been fixed yesterday.

21:55 CET - Bug reported
‎22:22 CET - Bug fixed
22:26 CET - Update posted

i am waiting official answer this security bug/hack/exploit is fixed or not.

mod hacks is safe to use or not

Whom "official" do you expect to answer here?

my question not answer here or vb.com

i know my friend

i know is big mistake give money to buy VB 3.x or VB 4.x and dont try other payment or open/free source software with good support.

You did not give money to anyone in order to use this mod, and vBS does not check or take responsibility for third party code, which is entirely normal. But this is a modification thread, so this is OT.

my friend maybe dont understand me.

i give money to buy VB licence (software) 3.x Version and 4.x Version
i give money to buy DOMAIN NAME/HOST SERVICE

dont give any money this mod hacks or plugins (but support work this coders make this usefull plugins)

without this 3rd party plugins have one portal/site/forum/blog dont like to anyone.

all payment software for websites and all open source have plug ins and SAFE.

other coders/developers if know give good support

the vb.com i am sorry not have good support (except if pay this)

thats say big mistake give any money for VB.

next time to create website never using VB.

(sorry my english i am from greece)

/misc.php?do=cfrules_mng gives me a blank page after upgraded to 4.0.3 from 4.0.2. Anyone has the same problem?

v4.0.4 - May 06. 2011.
-Fixed: vbseo users not able to switch rules

To update:
-Import XML, allow overwrite

thanks for the hard work making this program as well as working on it. I'm sure i will use it again as i did like it. but at this time I'm going to wait a bit see the ones with more time and knowledge on fixing forums use this . as i have been trying to clean up now for next to 2 days .. and thats my fault for just learning this stuff.. LOL.

Valter is good and trusted coder and using many CYB_ mod hacks.

but this mod hack uninstalled from my site and maybe other mod hacks have uninstalled.

sorry nothing personal Valter but is too risk lost everything on my site/forum. (dont have much time to install and setup again)

These things happen and can strike any software at any time. This is why I keep 3 different backups of my forums.. one on disk, one on a different box at the host, and one that is rsync'd to my local machine at home (in a vm session which is then shut down after sync and also duplicated to a NAS). If you do not have a good backup system in place, then you're asking for it.

BACKUP (many places is safe) is the first word to know anyone have job to IT Department.

dont worry my friend already using backup any day / any time (SQL DB / FILES DB) for many places on server and on my computer.

i am not trust any backup after hack attack (reason is the hacker have modify .php or .html files or templates or sql db or....and never see the "bad code")

i am say anyone hacked my VB 3.x force to deleted everything on my server and install / setup new VB 4.x without any mod/hack.

you sound sure of your self that you have fixed the security hole.
like hundreds of forums hacked must hurt in some way yeah?

anyway, im going to put this to the test and re-install and go live.

one thing is the demo link still is not live which makes it iffy :rolleyes:

What kind of bull**** is this? What do you want to hear? Is he to confess and wear sackcloth and ashes? Would you prefer a pillory? He's offering free addons for vB, and security issues have known to be found in any kind of software. Nobody forces you to use it, but if you're unaware that installing addons carries a risk, since all humans are prone to errors, it's your own fault. He sure did not do it on purpose. But if this kind of sniping is good for your ego...

And yes, the security hole is fixed indeed.

ok update, everything seems ok now for those that are to scared to re-install. been a night and half a day, all seems good. @cellarius, hey moron, i felt sorry for the guy. you need to think before talking out your rear end.

thanks Valter ;)

Then you should make yourself clearer. Even after reading your wording again, I just can't understand it in any other way that I did - moron yourself.

After upgrading to 4.0.3 first and then 4.0.4 rules are not displayed, empty box at misc.php?do=cfrules

I wish i could download old versions, i was on 3.6, probably even not affected by the bug :/

Everybody was affected by the bug, there was some unescaped POST-Data, so SQL-Injection was possible independant of the vBulletin-version.

I have updated to 4.0.3 first and then 4.0.4, my rules are still intact. You know that you have to reactivate the plugin, right? Because as long as you haven't activated it, you can't look at your rules and will be forwarded to the smiley page.

if ya got a problem pm me, if not zip it ;)

----------

anyway BACK on topic!

when you click last post icon on a forum, it re-directs to rules nicely, but once accepted and submit a message shows: No Thread specified. If you followed a valid link, please notify the administrator.

cheers. :up:

There are still some bugs in this hack, i have jumped directly from 3.9.2 to v4.0.4 and i´m on vb 3.8.4 patch L 2.

Unique problem i have, that after forcing members to re read rules, he has no way of accepting them, he is directed to the rules page, but there is no button to agree with them ...

Any help would be appreciated, as is a great mod and addition to vbulletin

After the exploit, there were some recommendations that said to completely uninstall vs. disable, and that is what I did. If I reinstall, will the members that previously accepted have to reaccept again? I'm hoping not.

My questions rarely get answered here in the forums, so I don't expect this time to be any different, but I'll ask anyway :p

Well, now I have to answer, even if I don't know for sure. :) But looking at the code I'd say yes, it seems to save the "accepted" state for a user in the user table, and it drops that column when it's uninstalled, so they'll probably have to accept again.

Personally, I'm waiting a little longer before reinstalling.

Huh, i did un install it and it fudge up my custom styles ... and i like the hack so i?ll be still very happy if any one could help me with sorting my above problem

Thx in advance
RD

Very interesting and useful mod. I will be installing this shortly. :)

v4.0.5 - May 18. 2011.
-Fixed: Security bug
-Improved rule acceptance check

To upgrade:
Import XML, allow overwrite

updated. thanks. :)

Thanks for your swift responses to needed updates.

you are the man, thanks ;)

wait and see if this update fix problem as previouse didn't...

Still same problem as before, user is not able to accept the rules ... Uninstalled :(

Installed and updated, working and can accept the rules... Thanks Valter

LOL.

Of course he does, but that doesn't mean he can't take 2 mins. To make a post to state that everyone using the hack could be hacked and should disable it. At least people could disable the hack quickly and save themselves from being hacked.

Anyways glad the problem has been fixed.

Truth be told I think many hacks here at vBorg are exploitable. But no one looks deeply into the code. And well the hackers out there do that since they have no life but to go around hacking boards.

And possibly in vB itself. NO software is perfect.
I've reviewed all the plugins we use, and am happy were now ok. Not having a site tech and only relying on 3rd parties is not a good idea.

Kym

vb.org does that for him automatically once the addon goes into quarantine. A notification mail goes to everyone who has marked the addon as installed. They often end up in Spam Filters, though, as happened for me this time (just make sure you have your filters set up to let mails from vb.org through)

Went to my spam folder as well. I am geussing it is because of "quarantine" being in the message.

When I came back to thank you the mod had been quarantined and I couldn't reply. So thank you very much for answering my question.

I personally love the concept of this mod, but I think some jerks are going to continue to try to break it.

The main feature I liked about this mod was redirecting users who've received an infraction to the general rules page. I also liked being able to setup different rules.

We have general, marketplace, and developers. I ended up creating FAQ pages for each and then created a pulldown in my navbar to get to them. So the only feature I am missing out on is the redirect for infractions. Maybe I'll write my own plugin that does that someday.

Yeah, that's the way it goes I guess. Thing is, I feel pretty confident now that it's OK. After the first problem the focus was on the SQL statements, and a non-SQL problem was missed. But after the second time I think all user input has been gone over by more than one developer, so I think it's probably safe now.

I never said scripts are perfect. I said they could've addressed it sooner. And for mods usually the script is NOT updated that fast compared to vB, which is fixed usually within a few hrs.

That may have happened, but I believe they quarantined the mod so late that many websites were already hacked at that point.