Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
ibProArcade - professional Arcade System Details »»
ibProArcade - professional Arcade System
Version: 2.7.6+, by MrZeropage MrZeropage is offline
Developer Last Online: Mar 2023 Show Printable Version Email this Page

Category: Major Additions - Version: 4.x.x Rating:
Released: 11-24-2005 Last Update: 11-10-2018 Installs: 8464
DB Changes Uses Plugins Template Edits
Additional Files Translations  
No support by the author.

ibProArcade
the professional Arcade System
for your vBulletin-Board

the most installed Modification for vBulletin ever
here on vbulletin.org

works with vBulletin 3.0.x / 3.5.x / 3.6.x / 3.7.x / 3.8.x / 4.0.x / 4.1.x / 4.2.x

Click here
to jump to the
ibProArcade-Support-Forum
in the Premium-Modification-Section



ibProArcade v2.7.6+ is compatible to PHP5.6 and PHP7.0/7.1
Please notice that vBulletin itself needs minimum version 3.8.11 or 4.2.5 to work with PHP7.0/7.1

=================================================

Converters available

If you made your way with another Arcade in your forum, maybe it's time to evolve and migrate to ibProArcade.
No problem, there are converters available to smoothly port your games, scores ect. to ibProArcade

CONVERTER for v3arcade
CONVERTER for DBTech vBArcade (Lite and Pro)
Use any converter for easy and safe conversion without losing any Game or Score - and even complete uninstall help for your old arcade

=================================================

For Branding-Free-License and Donations check the "Information"-Section in your AdminCP's Arcade-Section after installing

=================================================

Click INSTALL to get an email when an update for ibProArcade is released

=================================================


This Hack provides you a professional Arcade fully integrated in your vBulletin-Forum. Your Members can play Games, hunt for Highscores and do Tournaments.


Some Feature that come along and make this ibProArcade outstanding:
  • Styles
    different Styles (ibProArcade, v3arcade)
    in AdminCP you define the default Style and if users can select their own preferred Style
  • Languages
    this Hack comes along with multiple languages, selectable via AdminCP
    currently included: english, german, french, dutch, portugese
  • Custom Game Sorting
    you can set a default sorting in AdminCP while each User can select his own sorting, e.g. by name, rating, times played ect.
  • Game Ratings
    Members can rate each Game
  • Arcade UserCP
    each user can set his own preferences for the Arcade: game sorting, games/scores per page, notifications, Skin, default category
  • Arcade ModCP
    an Adcade-Moderator can take care of scores, tournaments, comments ect.
  • Tournaments
    you can create Tournaments via AdminCP or Arcade-ModCP with either 2, 4 or 8 participants
    Users can create Tournaments with open slots other players can join in
    Creation of Tournaments is based on Usergroup and User-Permissions
    Each Game can be set to be selectable for Tournaments or not
  • Automatic Game Installation
    in the AdminCP you can easily install new games, just upload the Archives to your server and install with a single click. There even is mass-installing included to install all uploaded games at once.
    No more worrying about putting certain files in certain folders and running an installer.
    This Feature works with ibProArcade-TAR-Archives and v3arcade-ZIP-Archives.
  • Categories
    you can create categories for the games, e.g. genre
    categories can be protected with a password and/or restricted to certain usergroups
  • advanced Game Statistics
    alot of information are provided for each game:
    • best score of all times
    • your personal best result
    • actual highscore-champion
    • game-rating
    • times played
    • time played
  • Active Users in the Arcade
    this shows who currently is in the Arcade and what everybody is doing there. In AdminCP you can select in which areas of the Arcade this will be shown
  • Game Information
    while playing a game some information gets displayed: current highscore and champion, the objective of the game and the controls for this game
  • Group-Permissions
    you can set alot of permissions for each usergroup:
    • Access to the Arcade (can not view, can view but not play, can view and play)
    • total posts requirement
    • posts per day requirement
    • max. plays per day
    • can create Tournaments
    • which categories can be played
  • User-Permissions
    you can set individual permissions per user:
    • can create Tournaments
    • is banned from the Arcade
    • is Arcade Moderator
    • which options this Arcade-Moderator has (scores, comments, tournaments ect.)
  • automatic Score-Pruning
    scores can be pruned after a period of time you can choose in AdminCP
  • Game Options
    each games has individual settings for height, width, background-color, how many decimal points, which result is best (high or low), the game's objective, the keys, a description ect.
  • Arcade-Information in the Forum
    in AdminCP you can select which Information will be in Postbit of each Posting a Member does in the Forum: Highscores and/or won Tournaments. The Style of this Information is available in different types (marquee, Icons only, static)
  • Full Integration in vbBux/vbPlaza
    if you have vbPlaza installed you have alot of options to sell in your Plaza-Shop:
    • Costs per Play
    • static or raising Jackpot to win per Game
    • Tournaments have Costs to participate and the Winner earns the Jackpot of this Tournament
    • Arcade-Pass for free playing (without winning)
For additional information just check out the attached Screenshots


ibProArcade is compatible to ibProArcade-Games (*wow* surprise!), v3arcade-Games and PNflashgames (www.pnflashgames.com, use POSTNUKE format).
PNflashgames does even offer Multiplayer-Games.


This Hack was originally done for Invision Power Board (IPB) by Chris Kelly and later adapted to work within vBulletin 3.0.x but had no real integrated AdminCP and even some illegal licensed Files from IPB included, so it was removed from official vBulletin-Sites.

ibProArcade for vBulletin comes along with a complete new AdminCP with even more options and improved functionality, has been bugfixed alot and I implemented some additional feature that where missing. All known security-issues found have been fixed.

ibProArcade is full compatible to PHP4 and PHP5 and works with all vBulletin 3.x.x (yes, 3.0.x + 3.5.x + 3.6.x + 3.7.x + 3.8.x) with all the same Scripts !
ibProArcade v2.7.5+ and later is full compatible to PHP5.6 and PHP7 and works with all vBulletin-versions 3.x/4.x with all the same Scripts !
PHP7.0/7.1 require minimum vBulletin 3.8.11 or 4.2.5 and ibProArcade v2.7.5+

Installation of ibProArcade is very simple and easy:

vBulletin 3.0.x
upload the Files
run the Installer
edit 4 PHP-Files
edit 3 Templates
add 1 new Template


vBulletin 3.5.x & 3.6.x & 3.7.x & 3.8.x & 4.x.x
upload the Files
import the Product-XML-File
edit 3 Templates



If you are upgrading from an existing Arcade, some information:
  • For existing ibProArcade-Installations (v2.6.6+ and older) check the included Upgrade-Information (look in Archive)
  • For existing ibProArcade-Installations (v2.5.1) just do everything like a fresh installation, your Games and Scores should be kept automatically
  • For existing v3arcade-Installations (v1.0.x) for vBulletin 3.5/3.6 there is the converter available.
I want to say a big THANK YOU to everybody who helped in the 3 months of development, testing and bugfixing the initial v2.5.3+ (in alphabetical order):
---MAD---, Acers, Aftermath, beacher, dede1, E=mc?, Esposito, Feckie (Roger), Gemma, ggiersdorf, GrendelKhan{TSU, Huijting, jbd, JTyson, kall, kylek, MasterMaik, matrix, media4you, micheal332001, MissKalunji, MrLister, nitro, nullified, Okie, Paul_Hollibone, Scotty2k, Ski-Whiz, slank, Smoker, stangger5, Synper, soniceffect, Sooner95, tcs, Tekram, Willy, Wordplay and everybody else I forgot to mention here

Special thanks to Chris Kelly for his permission to re-release this new, extended ibProArcade to the vBulletin-Community !


Please remember to click INSTALL


If you want to support me, feel free to donate (use the "support developer" button in the upper right) or just check out the Installation-Instructions included in the ZIP-Archive, Thank You!


For Branding-Free License check the AdminCP -> Arcade -> Information after you installed it, all information can be found there.


...and now you should stop reading this and start downloading this awesome addition for your vBulletin to make your Members happy...


Enjoy



Download-History:
v2.6.7a+ (9880 Downloads)
v2.6.8+ (9849 Downloads)
v2.6.9+ (456 Downloads)
v2.7.0+ (10833 Downloads)
v2.7.2+ (4626 Downloads)



** Please do not post any information, request or offer of Games here in this Thread ! And remember that Support is given in the ibProArcade-Support-Forum **

Download Now

File Type: zip ibProArcade 2.7.6+.zip (688.3 KB, 326 views)

Screenshots

File Type: jpg ibpro_main.JPG (373.7 KB, 0 views)
File Type: jpg ibpro_game.JPG (77.7 KB, 0 views)
File Type: jpg ibpro_tournamentlist.JPG (101.2 KB, 0 views)
File Type: jpg ibpro_tournamentopen.JPG (101.5 KB, 0 views)
File Type: jpg ibpro_tournamentrunning.JPG (82.2 KB, 0 views)
File Type: jpg ibpro_acp_main.JPG (243.5 KB, 0 views)
File Type: jpg ibpro_acp_gamelist.JPG (147.4 KB, 0 views)
File Type: jpg ibpro_acp_group.JPG (95.1 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #7022  
Old 01-08-2013, 07:09 PM
topladz topladz is offline
 
Join Date: Aug 2010
Posts: 37
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

hi im getting this message when trying to access the arcade

topladz, you do not have permission to access this page. This could be due to one of several reasons:
1.Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
2.If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

im admin and all permissions are set for me to view, whats happening
Reply With Quote
  #7023  
Old 01-12-2013, 10:45 AM
naveeid's Avatar
naveeid naveeid is offline
 
Join Date: Jan 2011
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i was unable to install it , when i imported product , i saw no message , but then i saw that its installed and given in the list , but no changes any where
so i uninstalled it
Reply With Quote
  #7024  
Old 01-14-2013, 08:28 PM
Chadi's Avatar
Chadi Chadi is offline
 
Join Date: May 2004
Location: USA
Posts: 2,043
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Installed new skins, this is how it appears for the arcade specifically. Skin works fine everywhere else (including several other mods).

Attached also is how it should appear
Attached Images
File Type: jpg 1.jpg (50.7 KB, 0 views)
File Type: jpg Capture.jpg (67.6 KB, 0 views)
Reply With Quote
  #7025  
Old 01-17-2013, 08:51 PM
Chadi's Avatar
Chadi Chadi is offline
 
Join Date: May 2004
Location: USA
Posts: 2,043
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Anyone please?
Reply With Quote
  #7026  
Old 01-18-2013, 02:19 AM
Hippy's Avatar
Hippy Hippy is offline
 
Join Date: Dec 2001
Location: USA, New Jersey
Posts: 2,392
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

In my sig there is a link to the fixes
I would first replace the ARCADE template with the info post in the link..
if you get stuck
send me temp access and I will fix I ..
Reply With Quote
  #7027  
Old 01-20-2013, 03:50 PM
topladz topladz is offline
 
Join Date: Aug 2010
Posts: 37
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by topladz View Post
hi im getting this message when trying to access the arcade

topladz, you do not have permission to access this page. This could be due to one of several reasons:
1.Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
2.If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.



im admin and all permissions are set for me to view, whats happening
hi i still cant get in to the arcade have i done something wrong
Reply With Quote
  #7028  
Old 01-21-2013, 05:01 PM
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Posts: 550
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

there appears to be an exploit which allows users to forcefully reset the passwd.
Reply With Quote
  #7029  
Old 01-21-2013, 06:42 PM
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Posts: 550
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

<a href="https://www.vbulletin.com/forum/showthread.php/415772-exploit-forcefully-resetting-password-issue" target="_blank">https://www.vbulletin.com/forum/show...password-issue</a>
Reply With Quote
  #7030  
Old 01-26-2013, 02:43 PM
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Posts: 550
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm frustrated on reporting of a potential bug and yet nothing is coming up. I manually checked every single log and the only thing the person was accessing was arcade.php (The latest) and was able to forcefully reset the password of my account and obtain the required hash to reset it further.

Now, unless the are able to read the configuration of my admin panel and obtain my sendgrid information then that too is possible but once again it came from arcade.php.

Normal access logs

Code:
root@dmca [/home/domain/access-logs]# cat forum.domain.com | grep arcade.php
65.55.52.108 - - [26/Jan/2013:08:25:20 +0000] "GET /arcade.php?do=stats&gameid=10 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
121.97.10.2 - - [26/Jan/2013:08:44:20 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/f198/ad-stormgamingnetwork-season-6-ep3-906484/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
121.97.10.2 - - [26/Jan/2013:08:44:33 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
121.97.10.2 - - [26/Jan/2013:08:44:54 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
199.21.99.68 - - [26/Jan/2013:08:57:43 +0000] "GET /arcade.php HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)"
223.205.88.20 - - [26/Jan/2013:09:14:37 +0000] "GET /arcade.php HTTP/1.1" 301 26 "-" "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)"
157.55.32.166 - - [26/Jan/2013:10:10:14 +0000] "GET /arcade.php?act=Arcade&gsearch=D&search_type=1 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
65.55.52.108 - - [26/Jan/2013:10:10:42 +0000] "GET /arcade.php?act=Arcade&module=report&user=204668 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
157.55.33.19 - - [26/Jan/2013:10:11:28 +0000] "GET /arcade.php HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
157.55.33.19 - - [26/Jan/2013:10:11:29 +0000] "GET /arcade.php?act=Arcade&do=stats&gameid=4&st=5 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
157.55.35.46 - - [26/Jan/2013:10:23:04 +0000] "GET /arcade.php?do=viewtourney&tid=19 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
157.55.34.180 - - [26/Jan/2013:10:35:07 +0000] "GET /arcade.php?act=Arcade&module=report&user=75275 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
101.85.124.208 - - [26/Jan/2013:10:37:30 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.84 Safari/535.11 LBBROWSER"
49.176.40.15 - - [26/Jan/2013:10:43:22 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/f609/2-phoenix-license-premium-minecraft-880505/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
65.55.24.245 - - [26/Jan/2013:11:58:57 +0000] "GET /arcade.php?act=Arcade&module=report&user=1333375530 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
41.205.96.246 - - [26/Jan/2013:12:43:30 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1"
119.193.46.37 - - [26/Jan/2013:12:49:59 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/raffles.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
87.206.99.56 - - [26/Jan/2013:12:59:55 +0000] "GET /arcade.php HTTP/1.1" 301 26 "-" "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
111.125.84.42 - - [26/Jan/2013:13:35:42 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/f269/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17"
157.55.35.32 - - [26/Jan/2013:14:05:47 +0000] "GET /arcade.php?act=Arcade&do=play&gameid=121 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
27.99.19.136 - - [26/Jan/2013:14:10:59 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
27.99.19.136 - - [26/Jan/2013:14:11:02 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
157.55.35.46 - - [26/Jan/2013:14:45:02 +0000] "GET /arcade.php?do=play&gameid=14 HTTP/1.1" 301 26 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
207.237.54.38 - - [26/Jan/2013:15:35:25 +0000] "GET /arcade.php?do=stats&gameid=104 HTTP/1.1" 301 26 "http://forum.domain.com/private.php?do=showpm&pmid=1763182" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
207.237.54.38 - - [26/Jan/2013:15:35:31 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
207.237.54.38 - - [26/Jan/2013:15:35:35 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17"
root@dmca [/home/domain/access-logs]#
person who conducted the exploit

Code:
root@dmca [/home/domain/access-logs]# cat forum.domain.com | grep 91.236.116.142


91.236.116.142 - - [21/Jan/2013:17:13:46 +0000] "GET / HTTP/1.1" 200 11488 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:22 +0000] "GET /register.php HTTP/1.1" 200 10000 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:28 +0000] "GET /clientscript/vbulletin_css/style00115l/register.css?d=1358021545 HTTP/1.1" 200 338 "http://forum.domain.com/register.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:34 +0000] "GET /login.php HTTP/1.1" 303 26 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:39 +0000] "GET /index.php HTTP/1.1" 200 11494 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:45 +0000] "GET /f71/ HTTP/1.1" 200 13247 "http://forum.domain.com/index.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:50 +0000] "GET /f71/forum-rules-101410/ HTTP/1.1" 200 12843 "http://forum.domain.com/f71/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:50 +0000] "GET /f71/forum-rules-101410/images/styles/AnimatedArena/style_blue/loginButton.gif HTTP/1.1" 404 40 "http://forum.domain.com/f71/forum-rules-101410/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:50 +0000] "GET /f71/forum-rules-101410/images/styles/AnimatedArena/style_blue/footerLogo.png HTTP/1.1" 404 40 "http://forum.domain.com/f71/forum-rules-101410/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:51 +0000] "GET /f71/forum-rules-101410/images/styles/AnimatedArena/style/logo_blue.png HTTP/1.1" 404 40 "http://forum.domain.com/f71/forum-rules-101410/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:14:59 +0000] "GET /usercp.php HTTP/1.1" 200 6749 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:15:07 +0000] "POST /login.php?do=login HTTP/1.1" 200 6594 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:15:12 +0000] "GET /login.php?do=lostpw HTTP/1.1" 200 6619 "http://forum.domain.com/login.php?do=login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:30:02 +0000] "GET /usercp.php HTTP/1.1" 200 6782 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:30:04 +0000] "GET /cron.php?rand=1358789402 HTTP/1.1" 200 43 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:30:37 +0000] "POST /login.php?do=login HTTP/1.1" 200 2365 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:30:41 +0000] "GET /usercp.php HTTP/1.1" 200 6868 "http://forum.domain.com/login.php?do=login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:31:01 +0000] "GET / HTTP/1.1" 200 6398 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:32:39 +0000] "GET / HTTP/1.1" 200 11489 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:32:49 +0000] "GET /usercp.php HTTP/1.1" 200 6749 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:33:06 +0000] "POST /login.php?do=login HTTP/1.1" 200 6244 "http://forum.domain.com/usercp.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:33:14 +0000] "GET / HTTP/1.1" 200 11488 "http://forum.domain.com/login.php?do=login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:33:08 +0000] "GET /login.php?do=lostpw HTTP/1.1" 200 6618 "http://forum.domain.com/login.php?do=login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:17 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 666 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:34:17 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 623 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:34:24 +0000] "POST /login.php?do=emailpassword HTTP/1.1" 200 2403 "http://forum.domain.com/login.php?do=lostpw" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:27 +0000] "GET /login.php?do=login HTTP/1.1" 303 26 "http://forum.domain.com/login.php?do=emailpassword" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:27 +0000] "GET /index.php HTTP/1.1" 200 11494 "http://forum.domain.com/login.php?do=emailpassword" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:36:13 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 665 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:13 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 659 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:18 +0000] "GET /login.php?do=resetpassword&u=1&i=8e3849c72ee420c426fea00f50947f226aabf1f6 HTTP/1.1" 200 6381 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:36:46 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 667 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:46 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 648 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
Following day I removed the file and person tried again

Code:
root@dmca [/home/domain/access-logs]# cat forum.domain.com | grep "91.236.116.142"
91.236.116.142 - - [23/Jan/2013:14:19:47 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 301 26 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [23/Jan/2013:14:19:48 +0000] "GET / HTTP/1.1" 200 11391 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [23/Jan/2013:14:20:08 +0000] "GET /arcade.php HTTP/1.1" 301 26 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:08 +0000] "GET / HTTP/1.1" 200 11454 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:10 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:11 +0000] "GET / HTTP/1.1" 200 11454 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:19 +0000] "GET /f71/ HTTP/1.1" 200 13239 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:29 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/f71/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:29 +0000] "GET / HTTP/1.1" 200 11457 "http://forum.domain.com/f71/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:35 +0000] "GET /raffles.php HTTP/1.1" 200 6823 "http://forum.domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:14:20:56 +0000] "HEAD /arcade.php HTTP/1.1" 301 0 "-" "curl/7.26.0"
91.236.116.142 - - [23/Jan/2013:14:21:03 +0000] "HEAD /afds.php HTTP/1.1" 301 0 "-" "curl/7.26.0"
91.236.116.142 - - [23/Jan/2013:15:30:05 +0000] "GET /arcade.php HTTP/1.1" 301 26 "http://forum.domain.com/raffles.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [23/Jan/2013:15:30:05 +0000] "GET / HTTP/1.1" 200 11464 "http://forum.domain.com/raffles.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
root@dmca [/home/domain/access-logs]#
The important part;

Code:
91.236.116.142 - - [21/Jan/2013:17:33:08 +0000] "GET /login.php?do=lostpw HTTP/1.1" 200 6618 "http://forum.domain.com/login.php?do=login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:17 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 666 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:34:17 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 623 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:34:24 +0000] "POST /login.php?do=emailpassword HTTP/1.1" 200 2403 "http://forum.domain.com/login.php?do=lostpw" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:27 +0000] "GET /login.php?do=login HTTP/1.1" 303 26 "http://forum.domain.com/login.php?do=emailpassword" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:34:27 +0000] "GET /index.php HTTP/1.1" 200 11494 "http://forum.domain.com/login.php?do=emailpassword" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:36:13 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 665 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:13 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 659 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:18 +0000] "GET /login.php?do=resetpassword&u=1&i=8e3849c72ee420c426fea00f50947f226aabf1f6 HTTP/1.1" 200 6381 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
91.236.116.142 - - [21/Jan/2013:17:36:46 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 667 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"
91.236.116.142 - - [21/Jan/2013:17:36:46 +0000] "GET /arcade.php?do=pnFStoreScore HTTP/1.1" 200 648 "http://forum.domain.com/arcade.php?do=pnFStoreScore" "Mozilla/5.0"

91.236.116.142 - - [21/Jan/2013:17:36:18 +0000] "GET /login.php?do=resetpassword&u=1&i=8e3849c72ee420c42 6fea00f50947f226aabf1f6 HTTP/1.1" 200 6381 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
Filename was missing so they attempted to access a random php file to see if was an error on their part but they of course realised it was deleted.
To me, this is frustrating.
Reply With Quote
  #7031  
Old 01-26-2013, 05:05 PM
Amaury Amaury is offline
 
Join Date: Nov 2011
Location: Ellensburg, WA
Posts: 1,075
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MentaL View Post
there appears to be an exploit which allows users to forcefully reset the passwd.
There was an exploit at one point that was patched.

Make sure you're running the latest version.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:19 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.10862 seconds
  • Memory Usage 2,442KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (6)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (22)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete