Version: 1.2.2, by InfiniteWebby
Developer Last Online: Aug 2007
Version: 3.5.0 RC1
Rating:
Released: 07-27-2005
Last Update: 09-03-2006
Installs: 538
Uses Plugins Template Edits
Additional Files
No support by the author.
[high]Security Fix: The uploaded version fixes all issues concerned with the recent security vulnerabilities. Sorry I haven't been around I don't really do anything plugin wise anymore.[/high]
Oh this version also works with all current version of vB 3.6. So feel free to use it on that version.
- InfiniteWebby
The low down
Well this is the vB 3.5.0 version of my hack. It is much the same as the original except that for some added stuff that I never released
Basically what it does is show the Top 'X' (edited via the vBulletin options in the admincp) newest members, top posters and newest replies on the Forumhome.
So what's new in this version?
Well for one all settings, which include amount of stats to show on forumhome and the extended page, thread title and username truncation, excluded forums and 'new' and 'old' thread prefixes.
Secondly there is now an extra page where you are able to choose exactly how many stats to show.
And lastly and most importantly it only takes 3 simple steps to install =)
What's on the horizon?
- More "stat blocks" including top reputation and top thread based on views or replies. If you have a suggestion please let me know, prefferably via pm.
- Proper can view other users threads permissions. At the moment I cannot think of how to block other people threads while still showing your own without totally re-writing the hack =(.
Version 1.2.1 is a re-release with who's online additions as well as some template changes. So you are best to reinstall the whole thing all over again.
So anyway enjoy and click install.
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
I've changed this modification a bit and performed two tests on my own board.I tryed an XSS attack (failed) and i tryed a meta redirect(failed) looks like clean to me now
Well Delphiprogrammi, the original fix would have stopped the two attacked in your screenshots already. What I'm curious is the reports that people are still getting hacked after applying the fix, yet no one has provided (via pm) an example of what the hacker used. Are the reports due to they not applying the fix correctly (not overwriting the buggy version somehow), or is there really still a hole?
Well Delphiprogrammi, the original fix would have stopped the two attacked in your screenshots already. What I'm curious is the reports that people are still getting hacked after applying the fix, yet no one has provided (via pm) an example of what the hacker used. Are the reports due to they not applying the fix correctly (not overwriting the buggy version somehow), or is there really still a hole?
yeah that's what i like to know to besides the XSS and the meta refresh exploits no hole is known is this but still people complain about being hacked hmmmz