vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Vbulletin 4.2.0 Hacked? (https://vborg.vbsupport.ru/showthread.php?t=284939)

rockerzteam 06-26-2012 01:54 PM
Vbulletin 4.2.0 Hacked?
 
Looks like a vulnerability have been found in 4.2.0.... A few websites running it have been hacked and taken down by this group.

XXXXXX hacked by trading-network.to
best german underground forum <3
REGARDS bizznez

Anyone know of these unexplained attacks?

Lynne 06-26-2012 02:23 PM
Were they running 4.2.0PL2?

rockerzteam 06-26-2012 02:26 PM
They had all the updated patches installed waiting for a response from them.....

Lynne 06-26-2012 03:30 PM
Find out if they were running any modifications also. And, make sure they check their access_logs to see what actually happened.

rockerzteam 06-26-2012 05:08 PM
How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.

borbole 06-26-2012 07:00 PM
Quote:
Originally Posted by rockerzteam (Post 2343113)
How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.
If they deleted all the files through Ftp then it looks like the point of entry is not vb itself but some other third party stuff.

Lynne 06-26-2012 08:38 PM
Yeah, they got in through the server if they were able to take a database backup, and download it, and delete files.

rockerzteam 06-26-2012 11:30 PM
Very strange. With the amount of security and difficulty they put into a generated password i find this scary for the rest of us.

kh99 06-26-2012 11:35 PM
Quote:
Originally Posted by rockerzteam (Post 2343113)
How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.
I'm curious, how do you know exactly what they were able to get? And when you say "from FTP", do you mean you know they did it via ftp?

Lynne 06-27-2012 12:55 AM
Quote:
Originally Posted by rockerzteam (Post 2343176)
Very strange. With the amount of security and difficulty they put into a generated password i find this scary for the rest of us.
You really haven't told us enough for us to say it was a matter of someone hacking the password. If they are on a shared server, it could have been through another account. If their own computer was compromised, their password could have been grabbed that way. It's really impossible to tell exactly how this happen with the little information given.

borbole 06-27-2012 09:03 AM
Indeed, without more info it is hard to know what exactly happened. All one can do is to guess and speculate. But that Ftp thing leads me to believe that it might have been a gumblar type of attack. Anyway, the thing is that there is no reason for panic that there is a security issue with the latest version of vb. Because if it was, then more forums would have been hacked and news would have been all over the net.

nhawk 06-27-2012 09:39 AM
This is the exact reason I don't deal with shared hosting, and why on every server I manage FTP and SSH is either limited access by IP address or is not accessible on the public IP for the servers.


All times are GMT. The time now is 07:13 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01540 seconds
  • Memory Usage 1,729KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (12)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete