vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Nulled VBulletin (https://vborg.vbsupport.ru/showthread.php?t=189318)

Bilderback 08-27-2008 11:49 PM
Nulled VBulletin
 
What is a Nulled VBulletin version?
Its a hacked copy of vbulletin with all reference to license, copyright
and authentication removed from the php code.
Why should license holders worry of such script?
Anyone using a nulled version of any script not only affects their own server security
but any other sites on the same server since Nulled versions normally contain a backdoor.
So you may be a valid license holder yourself, but if you are on a shared host,
the guy a couple folders over from your webspace may be putting you at risk.

In my latest endeavor, I was surprised to see version 3.7.3 out so early on the hack sites.
Being bored today with nothing to do, I decided to tear into the php and sure enough,
found a complete backdoor access buried within a file.
When a user installs or upgrades to this Nulled version, an email is sent to the nuller,
notifying him of your url ,which is now all he needs to gain complete access.
How ,you may ask?
Through 2,163 lines of custom php, from grabbing your OS, kernel version, paths
and database info to issuing netstat commands and probing ports, to the more familiar,
delete,create and edit of any data on the server.(Linux and Windows)
I was amazed at how intense the back door was and at how much information it was obtaining.

Moral of the story
Cheating can cost you more than its worth in the long run.
The price of VBulletin is extremely reasonable not just for the amazing product itself
but also for all the support of the bulletin board script by its staff and members.
Dont use Nulled versions of any script.

~and for those of you reading this who may be running a nulled version...
please do not PM me asking where the code is buried because I am not a fan
of those who steal.

fattony69 08-28-2008 12:13 AM
Great article. I expected the backdoor, but it to be more in depth, that's wow. Nothing is what it seems to be, but usually the opposite.


All times are GMT. The time now is 01:09 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00929 seconds
  • Memory Usage 1,708KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete