vb.org Archive - View Single Post

fattony69 · #40 09-25-2008, 08:07 PM

Quote:

Originally Posted by RS25com

I'd be interested in seeing what he said, but without registering. Care to post his comments?

I have some quotes if you want them:

Quote:

hi tbfe admins and users . .

i think u know me ?

any way i ViRuS_HiMa , the person who hacked ur site 3 times be4

fisrt sorry me about my english cuz i 17 y old from egypt

when i read the topic , its talk about this site hacked more than 4 or 5 times i think !!

how did i hack u ?

i was have phpshell script on the server that ur site has hosted on . .

but i was user and it mean that i can only read files from other sites on the server

so i look for forums to read the config thin use an script to change all forum home pages . .

and i think some one tlak about me and about the scrept in the vBulletin site :

vbulletin hacked - vBulletin.org Forum

but u know they was wrong in more of things cuz they talk about 777 permissions

but i dont need to 777 permissions to hack the vb forums cuz i can hack it with the only config data . . .

how to protect ur selfs from the next attacks ?

u have to change the include directory place

if u dont know what include dirctory

its folder in the vBulletin script . . .

and u have also to crypt the config by zend program . . .

last advic to u that u have to change ur passwords cum my some one have it now

and u have to see wich users are administrator and can log to the vb cpanel

cus the hacker can creat new user have the administrators access to the vb cpanel

now i tell u some of the forums security ways and u should know more

but any way if u dont know more about forums and sites security

u can contact me and i gonna help u as i can

A.e@hotmail.com

that was my advvices and i w8 for u . . .

and for the second time sorry me about my english . .

ViRuS_HiMa

Quote:

look when i deface ur forum i wasnt have phpshell on the "tbfe" i was have the shell on another site of the server

so when my id on the sell is user , and i wanna hack another site on the server ,

i have to use the script that i talkin about . .

i have use 2 scripts , one to read the config of the forum and the other is to deface all forum home pages .

about the milw0rm script , there is big defranse between my scriptes and the milw0rm script . .

the job of milw0rm script is to send the new exploits by the useres to stroky the milw0rm admin

then he add it to the script , so any 1 can see it . use it , and hack by it . . .

ViRuS_HiMa . .

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01475 seconds Memory Usage 1,776KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_quote (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: