vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Detecting Style Built-in keyloggers (https://vborg.vbsupport.ru/showthread.php?t=318141)

FrozenBlast13317 04-07-2015 01:59 AM
Detecting Style Built-in keyloggers
 
Hi, recently my forum has acquired a new stylist. Is it possible a keylogger could be implemented into styles on a vBulletin 4.2.2 Forum? If so, how do I detect if one has been added?

Thanks.

ForceHSS 04-07-2015 02:00 AM
Who installed the style and where was it downloaded from

FrozenBlast13317 04-07-2015 03:30 AM
Nah, no one from vBulletin org installed it, they actually manually added it by the admin cp (using style manager) because they offered their work. They work for another forum and I like what I saw, I even had the m prove they were on that forum's moderation team AND style team, so I'm guessing they're trusted.

How do I detect a keylogger, though? Where do I look in styles/templates to see if there's a keylogger in a style?

ForceHSS 04-07-2015 04:35 AM
What makes you think there is one and why you think it's in the style. If you have been hacked I would look in plugin manager

FrozenBlast13317 04-07-2015 05:39 AM
This user does not have access to plugins/products. They only have Styles/Templates option in the AdminCP.

What I'm asking though is if it's possible to put a keylogger in a generated style via Style Manager alone, and if yes then how to detect one?

ForceHSS 04-07-2015 06:52 AM
No idea am sure someone can answer that question better, but something must of happened to make you think this has happened

kh99 04-07-2015 09:06 AM
Well, they definitely could load javascript from another site, and that could be used to trick the user into doing things they think they're doing on your site. I'm not sure it's possible to make a keylogger in javascript, but it probably wouldn't be too hard to trick a user into entering their password though, if that's what you're worried about (in fact that could probably be done just by loading html).

You'd really need someone who knows styles to look it over. But you could start by using "Search in Templates" to search that style for '<script ' (without the quotes). But again you'd need to know something about javascript to know if anything found belongs there or not. Seeing the url of another site anywhere in the code would be one red flag. You could also try searching for '<iframe '. There probably shouldn't be any of those, but again you'd have to know what to look for.

Dave 04-07-2015 12:42 PM
It's fairly easy to make a keylogger in JavaScript, doesn't require in-depth knowledge of JavaScript.
Like kh99 said, search for script and iframe tags in your theme.

blind-eddie 04-07-2015 12:56 PM
Quote:
Originally Posted by Carlostit2 (Post 2542484)
Hi, recently my forum has acquired a new stylist. Is it possible a keylogger could be implemented into styles on a vBulletin 4.2.2 Forum? If so, how do I detect if one has been added?

Thanks.
Talk with Dave (who posted above) he would be the one to help you.

kh99 04-07-2015 12:59 PM
Quote:
Originally Posted by Dave (Post 2542527)
It's fairly easy to make a keylogger in JavaScript, doesn't require in-depth knowledge of JavaScript.
Like kh99 said, search for script and iframe tags in your theme.
lol, yeah, I just googled it out of curiosity and it is pretty simple.


All times are GMT. The time now is 07:06 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01082 seconds
  • Memory Usage 1,728KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete