vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   [4.2.5] Clientscript Malware (https://vborg.vbsupport.ru/showthread.php?t=328371)

hunter1985 11-26-2020 08:12 PM
[4.2.5] Clientscript Malware
 
Hello my website appears to have security issues from using vBulletin 4.2.5, those javascript files appears to be needing updated or fixed before things gets worse

https://sitecheck.sucuri.net/results/apg-clan.org

yilmaz 11-26-2020 09:27 PM
Re-upload files in clientscript folder to ftp

marikko 12-01-2022 01:13 PM
I have the same issue. Somebody is altering files like /clientscript/vbulletin_md5.js
with some redirecting / malware code.

Any tipps on how to fix this? How can they even access my files?

I did reupload all the clientscript files and this fixes it, but one or two weeks later the malware stuff is back and the files were altered again by some hacker...

Already changed all passwords, added htaccess etc. but it does not help.

Hostboard 12-01-2022 03:32 PM
You really should re-upload ALL the vBulletin files, change all your passwords (vBulletin, hosting, FTP, etc.) Also check who belongs to the admin group and make sure no one is there that is not supposed to be.

TheLastSuperman 12-03-2022 03:22 PM
There is some code more than likely, hidden within one of your plugins or within a template, it may link out to something (that then renders the malicious code) making it harder to find.

Edit each of your plugins, then scroll down to the bottom, if you see a large gap in space or anything that looks like added code, paste it here for review.

You can use this guide:
https://forum.vbulletin.com/blogs/mi...vbulletin-site

There was also another guide by Zachery or Trevor I believe from back then, that is also relevant and useful but I couldn't locate the link, you may wish to search for that one (I believe it's a forum post versus a blog post etc). Edit: Found it - https://forum.vbulletin.com/blogs/za...ve-been-hacked


All times are GMT. The time now is 02:23 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01125 seconds
  • Memory Usage 1,718KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (5)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete