Thread: Love calculator
View Single Post
  #18  
Old 05-02-2002, 07:05 AM
Floris Floris is offline
 
Join Date: Jan 2002
Posts: 1,898
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Wow,
I am sorry to hear that. I do hope you can find and procecute the hackers/crackers or however those lame abusers want to call themselves.

Happy that you had a backup :> And I hope you find out that it isn't a bug in vB 2.2.5 :>

Take your time, because the current version we can download works just fine


[update 4 mins later]


Ah, I think I know what went wrong.
You have an old vBulletin version! vB 2.2.1
There are like 5 exploits out there for vBulletin, download vB 2.2.5 from vBulletin.com "Members Area" and upgrade A.S.A.P.! They probably did some cross site exploiting or maybe through upload exploit with php older then 4.1.2 (or whatever, see vBulletin.com announcements and php.net announcements) - If it was php, inform your provider.

Also, .htpasswd/.htaccess your /admin/ & /mod/ directory, so they can't exploit and then login as an administrator. Also, check the admin log and write down all the IP's. Maybe you also want to have a copy of the hacked board in .sql so you can go through that with notepad or ultraedit or whatever, and find IP's from users who just signed up, (and admin log) and compare those against the servers syslog.

vBulletin 2.2.5 announcement thread.
PHP Vulnerability -- File Uploads thread.

vBulletin.com members area
php.net Vulnerability security release (www.php.net for sources)


Hope this helps.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02072 seconds
  • Memory Usage 1,772KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete