vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   Exploit Question (https://vborg.vbsupport.ru/showthread.php?t=143341)

Sychev_S 03-27-2007 07:17 PM
Exploit Question
 
One of my members threatened me to hack my board and today he I would assume used some exploit to make counless posts containing "sitename1", "sitename2" and so on in all of the forums.
I removed all of his posts, made time betwene posts 30 sec and banned him, but is there any other way to prevent those occurances in the future? also does anybody know whihc exploit he used or where can I get mroe info on that topic?

Marco van Herwaarden 03-27-2007 07:24 PM
What modifcations do you have installed?

Sychev_S 03-27-2007 07:31 PM
Here ;)
Quote:
Advanced Memberlist Searching
CES Profile Field Parser
GARS
Lv vB Event Forums
Members who have visited the forum
Miserable Users
MySpace/YouTube/Google Video Addon
No Rules Agree on Register
Quick Account Switch
Referrer Statistics
v3 Arcade
VB image hosting
vBadvanced CMPS
vBlogetin
vS-Interactive Profiles
vS-Invites System
Watermark Attachments

Marco van Herwaarden 03-27-2007 07:45 PM
I don't see an obvious vulnerable modification in that list.

What was your time between posts set to before you changed it?

Sychev_S 03-27-2007 11:16 PM
It was about 4 seconds.

Paul M 03-27-2007 11:25 PM
That's way to small, you should set it to about 30 seconds.

Sychev_S 03-28-2007 03:17 AM
yeah, I did now.
Any idea what he used to do that?

Hazel77 03-28-2007 07:11 PM
Quote:
Originally Posted by Sychev_S (Post 1214213)
yeah, I did now.
Any idea what he used to do that?
His own fingers and the copy and paste function.

Sychev_S 03-28-2007 08:05 PM
you think so?
what he did is pretty much paste sitename1, sitename 2 all the way untill like 740....
I really doubt someone would do that by hand.....

Marco van Herwaarden 03-29-2007 06:54 AM
There are many programs on the net that can auto-submit webbased forms.

Princeton 03-29-2007 11:11 AM
Read How to Reduce Spam and Registration Bots @ vbulletin.com
http://www.vbulletin.com/forum/showthread.php?t=211647

Distance 03-29-2007 07:39 PM
As long as you have the latest version of vB installed with sensible mods / settings then the only chance of your forum getting hacked is if your server is comprimised.


All times are GMT. The time now is 01:18 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01158 seconds
  • Memory Usage 1,727KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (12)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete