vb.org Archive
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   weird user maybe a hacker (https://vborg.vbsupport.ru/showthread.php?t=183428)

dtv100 06-24-2008 07:40 PM
weird user maybe a hacker
 
1 Attachment(s)
this morning around 5am i went to who is online and i saw someone using one of my test account on our board and where his ip should be only say server2 then i click on resolve ip and i get 127.0.0.1 i delete the test account and he was trying to login using different admin names from forum leader list .Then I make all admins regular users just to be safe .

this for me is the first time i get someone with a ip like that because 127.0.0.1 should be local host .or I wrong?

any idea where i should look first ?

Jase2 06-24-2008 07:44 PM
Re-upload all the default vBulletin files to be on the safe side.

nexialys 06-24-2008 07:59 PM
that IP is simple to use... someone with a website hosted on the same server as you are, using a shelled page... automated login via localhost access... basic, first thing a newbie hacker would do to trick a forum from phpBB...

cheat-master30 06-24-2008 09:47 PM
Well, since there aren't any currently known security issues with vBulletin, as long as your passwords are secure and relatively complex and you follow the basic security tips given out on the official site this user shouldn't succeed...

Jase2 06-24-2008 09:50 PM
Not necessarily. The bad guys always find the exploits first... For all you know, there could be an exploit in the new vBulletin, just not yet known ;)

cheat-master30 06-24-2008 11:08 PM
Well if they were trying something tried on phpBB boards, then trying said technique on a vBulletin powered board, despite vBulletin being coded completely differently other than using PHP and MYSQL would not exactly make me think said 'hacker' was too competent.

That and I doubt Jelsoft would leave yet another security problem in vBulletin that somehow went undetected for months despite many great coders having used the software and probably would have reported any security problems they found...

dtv100 06-25-2008 12:12 AM
Quote:
Originally Posted by nexialys (Post 1558040)
that IP is simple to use... someone with a website hosted on the same server as you are, using a shelled page... automated login via localhost access... basic, first thing a newbie hacker would do to trick a forum from phpBB...
is there any way I could ban using that ip I mean 127.0.0.1 with out any side effect to my board?

King Kovifor 06-25-2008 12:18 AM
Unless other users use that IP, no.

Jase2 06-25-2008 11:06 AM
Quote:
Originally Posted by cheat-master30 (Post 1558147)
Well if they were trying something tried on phpBB boards, then trying said technique on a vBulletin powered board, despite vBulletin being coded completely differently other than using PHP and MYSQL would not exactly make me think said 'hacker' was too competent.

That and I doubt Jelsoft would leave yet another security problem in vBulletin that somehow went undetected for months despite many great coders having used the software and probably would have reported any security problems they found...
I never said there is a security issue. I said 'there' could be ;)

As I've said, exploits are always found by the bad guys first. Not every security issue is that noticeable, even with quality coders using vBulletin.

dtv100 06-25-2008 07:49 PM
OK today he finally got a hold of my user account since he can only log as a user but cant can to control panel since we have a second password to it .
also he did same thing in our second site .

he post in our staff area that he using a sql injection i am in the process of remove same hacks install in both sites to see if that help.

server login was change ,ftp login was change basically all password was change and i ban ip 127.0.0.1 now will re upload all vb files again .

anything i forgetting ?


All times are GMT. The time now is 12:57 PM.
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01051 seconds
  • Memory Usage 1,737KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete