vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Users can take ur backups? :| (https://vborg.vbsupport.ru/showthread.php?t=119692)

HostileAdam 06-26-2006 12:31 PM
Users can take ur backups? :|
 
My friend just got hacked, and the dude was able to get his backups through a exploit or something and he was using 3.5.4 i hope there will be a fix for this soon as i dont want that happening to me. He somehow got the database information

DementedMindz 06-26-2006 12:44 PM
i dont think it was a exploit in vbulletin it was more then likely a exploit on his server

Guest210212002 06-28-2006 12:11 AM
If he's backing up to the filesystem somewhere underneath the forum root, really all the "hacker" had to do was get the URL. Eg if his backup path is httpdocs/forums/backups/backup.sql, it's as simple as navigating to whatever.com/forums/backup/backup.sql and downloading it. The problem there isn't vBulletin, it's just bad admin policy.

Useless side trivia: This was a big deal on MS servers, because in older versions of windows you could exploit the print buffer and force your way into the shell if the machine was running IIS. Would-be hackers, once in the shell, could copy whatever they'd like into the web structure and download whatever they wanted that way.

Marco van Herwaarden 06-28-2006 02:18 PM
Could you pm me a link to his site please.


All times are GMT. The time now is 12:54 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00957 seconds
  • Memory Usage 1,707KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete