![]() |
VBulletin is not built for security
Here is a quote from the following article (towards the bottom of the article):
http://www.foxnews.com/us/2012/04/10...down-al-qaeda/ Quote:
|
Getting in through modifications that have been installed and such. Even if the site is taken down, since security level must be *low*. That's what back-ups are in store for! :)
Wonder if Jelsoft could respond back... |
for a fact, real hackers are not using the frontend to hack servers... vBulletin is not a backend manager, so no, vBulletin is not built for security... morons!
|
I thought it was interesting that those sites use vBulletin and that was the only bb software he mentioned in that article. You would think the vBulletin people would not want any part of groups like that by allowing them to use vb. Goes to show you that money is their only motive, huh?
|
groups... why make selection...
btw, AlKaida do not need a license of vB... do you seriously think they would register at vb.com to pay a license... nah... but the reporter checked the software used on their site, that's all... |
Quote:
|
Doh, Boofu. :D
Quote:
I'm surprised that a "cyberterror expert" such as Bardin can make himself look so ignorant on security matters. Unless they have some sort of secret cache of vB 0day's I'm positive vB is more secure than most other BB software. |
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
|
:cool:
|
Quote:
Quote:
Quote:
Quote:
|
Oh look! A sensationalist article from the one news source quite possibly less informative than a potato.
On second thought, let's not go to vBulletin.org. It is a silly place. |
Quote:
|
Quote:
Quote:
Quote:
Quote:
|
Quote:
|
You missed the whole point, Paul. But then, coming after me and picking my posts apart has become your mission. Twisting words and not reading between the lines lowers you to my level. Welcome aboard! ;)
|
https://vborg.vbsupport.ru/external/2012/04/36.jpg
Level: Ad Hominem |
That really wasn't necessary or warranted. Did you not see the smilie in that post?
|
i like the colors...
|
Nexia's the bossman.
On a serious note, if hackers can hack high profile intelligence sites such as the CIA or big multi-national corps such as Sony then they can hack a vB install(or any software for that matter), now only the hacker probably knows whether they went for a front or back exploit. As majority admins to claim it as a server side hack rather than the software install, which is often the 98% true. |
That's my point. Some "expert hacker" isn't going to go through vBulletin, he's going to get root access to the server. I find it laughable that a "cyberterror expert" would honestly think a hacker does his damage by exploiting a software such as vB.
|
Quote:
Though, I don't think it really matters what I say. It's hard to be impartial and objective in this situation when you work for Internet Brands. |
Quote:
|
I think he meant that all of them, INCLUDING vBulletin, are prone to vulnerabilities. But, twist it the way you want to, I guess.
|
What's this thread about? I'm lost...
:p |
Quote:
https://vborg.vbsupport.ru/external/2012/04/35.jpg |
base vbulletin vulnerablities , whenever is sported by vbulletin staff here or in .com , are fixed right away or a tracker issue is reported next to it.
Other than that , if u use any modification which has any kind of exploit , what will the staff here can do , so first always before using a modification , always use modifications which are in here , as supported. DO not install unsuported modifications say like beta , or any other things.... Also before installing any modification , you should always try it on a demo site and play with it , check it's templates , hook system and what more you can do with it. And also , hackers as i know , tends to have knowledge about your server. Most of the time , there is an exploit which happens to your server, which gets exploited by hackers to use. and also , do not allow xml or html scripts to be uploaded to your server directly and they should not be executed. much writting ..... hands in pain. And aswell : Thanks vb.org Staff or helping us . :) you guys are goooood. |
And i thought my misses could +++++ and moan, nice read before bed though.
|
Quote:
Entertaining posts fellas. I really enjoyed reading the replies. |
I guess my quoting the vBulletin part in the first post has awakened the vb monster in a few of us, both good and bad. ;)
|
I wonder why Bardin thinks IB can "hack" into any vB board... They have our license information and that's it.
|
The write the code and they have the call home feature. I'm sure they could put some backdoor code in if they really wanted to, although I don't really believe that is the case. Just saying.
|
If they had a backdoor I'm sure it would have been discovered by now. If not, they've done a really good job hiding it.
|
As I sated, I don't believe any backdoor exists either. I was just playing the devil's advocate.
|
If "th3raptor" really is as skilled a hacker as is claimed then surely he must know there is no code in vBulletin to give the US Government (or anyone) secret access to VB forums.
Therefore I must assume he said those comments on purpose to "scare" those who would be using forums for terror planning activities. |
Why don't we ask OldSchoolDSL? His sig says he is an "Official Member of Anonymous". ;)
|
Quote:
|
All times are GMT. The time now is 10:29 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
![]() |
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|