Thread: Hacker Gave himself Admin privs
View Single Post
  #3  
Old 11-30-2017, 03:37 PM
CarolSEL CarolSEL is offline
 
Join Date: Aug 2010
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks Dave,
We're running on 4.2.4, and since the problem we previously had, have not reinstalled any but necessary (vB) plugins.
Host sent me back this reply (pretty much the same answer, but with specifics):
After reviewing the server and logs it appears that the compromise occurred completely within the VBulletin software and not through any form of malware on the site. This compromise was due to vulnerabilities of the End Of Life version of your software. I determined this by reviewing all access logs from that IP address as well as scanning the account for malware (finding 0 hits). I also scanned for standard CMS versions and this was the result.

==== End-Of-Life CMS Packages ====

vBulletin 4.2.1 /home/mydb
vBulletin 4.2.0.3 /home/mydb/forums
vBulletin 4.2.4 /home/mydb/public_html/forums
vBulletin 4.2.0.3 /home/mydb/public_html/moved pb html



The recommended course of action at this point it to fully update your live software while removing accessibility to any that are not being used at this time. Once updated I would also recommend searching for any sort of security based addon for that software that can help mitigate any future threats.
Aren't the older versions automatically overwritten with upgrades?
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01235 seconds
  • Memory Usage 1,764KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete