vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   vB Getting Hacked (https://vborg.vbsupport.ru/showthread.php?t=170615)

mousegeek 02-15-2008 10:47 PM
vB Getting Hacked
 
I'm a member at many vB sites. And this past week there has been a lot of vB sites getting hacked badly. It happed to mine 4 days stright. Does anybody know why this is all of a sudden happening or we don't know?

Lynne 02-15-2008 11:22 PM
Usually it is because of some modification that has been installed. A month or so ago, there was an exploit discovered in a photo gallery application (sorry, I don't have it so I don't know the formal name of it) and so there were several sites hacked at that time.

Do you know if the sites you know of that got hacked have any modifications in common?

punchbowl 02-15-2008 11:35 PM
it's been pretty secure for me. People sometimes claim or think they've been hacked when it's really just people using the same username/pw at lots of different sites.

or whatever

mousegeek 02-15-2008 11:46 PM
See my site and a friend of mine who was just hacked today. We both have completely different mods on our sites yet both were hacked in almost identical ways.

Dismounted 02-16-2008 04:29 AM
Do you have any common modifications? It actually really doesn't matter as any SQL Injection vulnerability could inject into anything, ie. same result.

Marco van Herwaarden 02-16-2008 07:07 AM
You don't really give us much information to work with.

How was it "hacked"? What are the symptoms?
How are you hosted? Dedicated, shared,..?
Which modifications do you have installed?

falguni1 02-16-2008 09:28 AM
I think the hacked sites should be reported here so a proper study, diagonosis and solution can be worked out.

Opserty 02-16-2008 09:48 AM
vB sites? Are these domains that are running only vB forums? Because it may be possible for people to exploit other scripts hosted on the domain/server and use these to mess with the database and cause problems with the forums amongst other things.

Guest210212002 02-16-2008 01:20 PM
Quote:
Originally Posted by Dismounted (Post 1444247)
Do you have any common modifications? It actually really doesn't matter as any SQL Injection vulnerability could inject into anything, ie. same result.
Quoted for emphasis. One insecure mod that allows inject is all it takes.

mousegeek 02-17-2008 12:24 AM
Well I got mine all fixed up and I put a bunch of sucerity stuff in there. But take a look at my friends vB:

http://vmkadventure.com

It has me and him stumped as to where to remove that garbage and make sure it wont happen again.


All times are GMT. The time now is 11:18 PM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01905 seconds
  • Memory Usage 1,728KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete