vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Has anyones forum ben attacked recently? (https://vborg.vbsupport.ru/showthread.php?t=264178)

preemz10314 05-25-2011 12:17 PM
Has anyones forum ben attacked recently?
 
I am wondering if anyone else's forum has been attacked recently. And how, if so please state the version and the type of attack / what they did... as my site on 4.0.7 has been attacked a few times and I want to see if anyone else shares this problem.

My first attack was some form of iframe exploit that left a redirect to some page in the uk, the second one a week or so ago, left my forum.php file blank with the words "Xuplena" and nothing else...I am running 4.0.7 with security patch.

I have since, upgraded my server to help protect against SQL injections and have disabled shell scripts from running.

Frosty 05-25-2011 12:32 PM
Can you write the list of the addons you have installed?

preemz10314 05-25-2011 12:45 PM
*Enabled mods are marked as Enabled - All others are disabled* It is a somewhat long list.

Add wibiya Script 1.1 -ENABLED

Article Forum 4.1.2

CT second_post_Ads 2.0.2

Digital Point Position Ads

Digital Point Spy 1.0

Display reputation comments given

DownloadsII 6.0.7 -ENABLED

Easy Mod Tools 4.0.4 -ENABLED

First Post on all pages 1.2

Hide Links From Guests 1.21

Hide Version 1

Inactive User Reminder Emails 2.1.1

MARCO1 Advanced Quick Reply And Edit With Smilies 4.5 -ENABLED

Members who have Visited 4.0.9 -ENABLED

Merge Double Posts 2.8

Minimum number of posts to send pm. 1 _ENABLED

Movie Of The Week 3.0.2

Separate Sticky and Normal Threads 4.0.1 _ENABLED

Show a Poll In FORUMHOME 3.0

today's Top Poster(s) 4.0.RC1 -ENABLED

vb4 Film Strips marquee by Yilmaz 8.5 -ENABLED

vBH - Add new tabs 1.2 1.2 -ENABLED

vBulletin Blog 4.0.7

vBulletin CMS 4.0.7 Content Management System

View signature restriction 1 -ENABLED

VSa - (De)Bump Threads 1.2

VSa - Advanced Forum Statistics 7.0.3

VSa - Advanced Permissions Based on Post Count 5.1

VSa - Advanced Registration 2.0.1

VSa - PayPal Donate 5.0 -ENABLED

Yet Another Mass Private Message System

Frosty 05-25-2011 12:55 PM
Well, you don't have VSa - Advaned Forum Rules installed, so you're not one of the "Team Animus" victims.

How did they hack you? Did they just edit your index.php or .htaccess file or they edited some style? It's very important since they would need FTP or PHP shell access for editing of php and .htaccess files, and if they just had your admin password they could have uploaded a php shell via plugin system. But I doubt it, so do the following:

- Download the latest database
- Download untouched files of your vBulletin version
- Replace old ones with the new ones.

Delete every file that wasn't overwritten.

nitra1000 05-26-2011 07:18 AM
Also uninstall any of the mods that are disabled whats the point of having them there if they aren't turned on?


All times are GMT. The time now is 04:46 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01127 seconds
  • Memory Usage 1,713KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (5)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete