vb.org Archive - Anyone know who "uykusuz001" are?

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - Anyone know who "uykusuz001" are? (https://vborg.vbsupport.ru/showthread.php?t=206054)

Megatr0n

02-20-2009 09:37 PM

Anyone know who "uykusuz001" are?

A few hours ago my site seemingly got hacked and all I could see was a page like this:

http://kcsl.ca/X-Portal/

Except it said:

XSS Exploit in vBuletin add-on

ONE TURK AGAINST THE WORLD

AND JUSTICE FOR ALL

If I tried to access any script on the forum or page it'd always take me back to the index.page. Once I uploaded a fresh new copy of the file, the issue was fixed and the site started loading again. It's funny because none of my files or the database wasn't deleted or damaged.

I asked the host and they said they scanned the site whole server and no malicious scripts or shall programs to speak of and did not noticed any breaching through FTP.

Any ideas?

iyama

02-20-2009 09:49 PM

here more stuff
http://www.google.nl/search?q=uykusu...ient=firefox-a

Megatr0n

02-20-2009 09:53 PM

Thanks. I have already used Google and can't find much information on it. Just other sites which, have got hacked.

iyama

02-20-2009 09:58 PM

Its a hacker what is hacking around for his fun. And it shows that it is possible to hack your site. Maybe he want you to protect your site the next time better.

Megatr0n

02-20-2009 10:01 PM

That's just it nothing was hacked, I mean damaged of the sort. I didn't have to restore any sort of back-up or anything.

I was wondering if anyone here can shed some more light about who this guy(s) is/are.

Lynne

02-20-2009 11:07 PM

I think it was a more of a warning - he *could* have done more to your site since he obviously got access. I suggest you read this - How To Make My Forums More Secure - and also contact your host to see if they can help you figure out how they got access to your server.

Megatr0n

02-21-2009 12:47 AM

Hi Lynne,

You could be right. I read though he also managed to hack United Nation's and Sony's site? :S

I've pretty much followed all those steps from that thread. The host think it's a script based hack but don't know which, one. They've now enabled enhanced logging so if it happens again they'll know. So, I guess we'll have to wait and see.

Dismounted

02-21-2009 03:45 AM

Quote:

XSS Exploit in vBuletin add-on

This tells all, really.

fattony69

02-21-2009 06:05 AM

Quote:

Originally Posted by Dismounted (Post 1750388)

This tells all, really.

Not ALL. Which one is it?

iyama

02-21-2009 08:02 AM

Maybe he toke the settings from you. Your host can see that

All times are GMT. The time now is 02:16 PM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.00986 seconds Memory Usage 1,726KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: