vb.org Archive - Vbulletin 4.2.0 Hacked?

Page 1 of 2

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)

- - Vbulletin 4.2.0 Hacked? (https://vborg.vbsupport.ru/showthread.php?t=284939)

rockerzteam

06-26-2012 02:54 PM

Vbulletin 4.2.0 Hacked?

Looks like a vulnerability have been found in 4.2.0.... A few websites running it have been hacked and taken down by this group.

XXXXXX hacked by trading-network.to
best german underground forum <3
REGARDS bizznez

Anyone know of these unexplained attacks?

Lynne

06-26-2012 03:23 PM

Were they running 4.2.0PL2?

rockerzteam

06-26-2012 03:26 PM

They had all the updated patches installed waiting for a response from them.....

Lynne

06-26-2012 04:30 PM

Find out if they were running any modifications also. And, make sure they check their access_logs to see what actually happened.

rockerzteam

06-26-2012 06:08 PM

How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.

borbole

06-26-2012 08:00 PM

Quote:

Originally Posted by rockerzteam (Post 2343113)

How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.

If they deleted all the files through Ftp then it looks like the point of entry is not vb itself but some other third party stuff.

Lynne

06-26-2012 09:38 PM

Yeah, they got in through the server if they were able to take a database backup, and download it, and delete files.

rockerzteam

06-27-2012 12:30 AM

Very strange. With the amount of security and difficulty they put into a generated password i find this scary for the rest of us.

kh99	06-27-2012 12:35 AM

Quote:

Originally Posted by rockerzteam (Post 2343113)

How ever they got in they were able to obtain a full database backup,users,passwords,and delete all files from there FTP.

I'm curious, how do you know exactly what they were able to get? And when you say "from FTP", do you mean you know they did it via ftp?

Lynne

06-27-2012 01:55 AM

Quote:

Originally Posted by rockerzteam (Post 2343176)

Very strange. With the amount of security and difficulty they put into a generated password i find this scary for the rest of us.

You really haven't told us enough for us to say it was a matter of someone hacking the password. If they are on a shared server, it could have been through another account. If their own computer was compromised, their password could have been grabbed that way. It's really impossible to tell exactly how this happen with the little information given.

All times are GMT. The time now is 01:22 PM.

Page 1 of 2

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01118 seconds Memory Usage 1,727KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: