vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   Good thing I migrated from UBBThreads in time.... (https://vborg.vbsupport.ru/showthread.php?t=116647)

MPDev 05-25-2006 05:36 PM
Good thing I migrated from UBBThreads in time....
 
Quote:
Yesterday the Turkish cracker going by the handle "Iskorpitx", successfully hacked 21,549 websites in one shot (plus 17,000 as our last update) and defaced (on a secondary page) all of them with a message showing the Turkish flag (with AtaTurk face on it) and reporting:

"HACKED BY iSKORPiTX
(TURKISH HACKER)
Wouldn't you know we reported these problems years ago and now the customers are paying the price. Users reporting their servers have been hacked and compromised with various processes and scripts added.

For those of you who critize vB for releasing security updates as soon as they encounter them, this is why its important to have timely reponses.

AWS 05-25-2006 11:01 PM
You have to consider the fact that threads is coded by one person while vbulletin is done by a team.
None the less exploits from threads perl version are still exploitable in the php version. Until threads is rewritten from the ground up these exploits will exist. Not to mention that there is an exploit that is 2 years old that still isn't fixed even after the fix was submitted to Rick. There is one that is over 5 years old that existed in wwwthreads perl v3.5 and is still exploitable in 6.5.4.

Romeos Tune 05-26-2006 09:20 PM
I had a similar problem like this too. I quite threads a long time ago but left the software on the server. One day I get an e-mail from abuse saying I was running a phishing site and guess what... It was in the ubbthreads directory.... grrrrrrrrrr


All times are GMT. The time now is 08:17 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00986 seconds
  • Memory Usage 1,711KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete