vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Have Flash Chat integrated? BE ADVISED!!! (https://vborg.vbsupport.ru/showthread.php?t=131941)

michaelsilvia 11-19-2006 06:08 AM
Have Flash Chat integrated? BE ADVISED!!!
 
Guys I had Flash Chat installed on one of my forums. I was hacked through the flash chat and they go into my config file. How do I know? Because I talked to the hackers! They are a group of Turkish hackers that took down my site. They stated that there is a major security hole in Flash Chat that let them into my config file. They didn't speak the best English but they stated there was some "aedating" file they got into.

I am not a programmer! I am just warning everyone. I will post this in the Flash Chat forum. I am assuming they got in through the vB bridge, but am not sure. I love Flash Chat it is a shame I had to remove it because my members love it.

Anyone else get hacked?

Mike

Paul M 11-19-2006 09:22 AM
You should never assume anything. :)

That's an old and well known exploit (the aedating CMS files).

It has nothing to do with vb integration, and was fixed almost three months ago in Flashchat version 4.6.2.

Also, it can only be used if you have register globals enabled in php, which is another well known security issue that your host should fix.


All times are GMT. The time now is 11:08 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01032 seconds
  • Memory Usage 1,705KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete