The Archive of Official vBulletin Modifications Site. It is not a VB3 engine, just a parsed copy!
Forum hacked because of /install/upgrade.php delete it
v4.21 forum got hacked 3 times from raw forum no modification, no addon, fresh, clean DB...
I then looked at the log and it pointed toward /install/upgrade.php. I got curious and went to check how they could manage such a thing... and to my surprise... The page asks for the customer number... that's fine... View the source code on that page.
Code:
<!--
var IMGDIR_MISC = "../cpstyles/vBulletin_3_Silver";
var CLEARGIFURL = "./clear.gif";
var CUSTNUMBER = "XXXXXXXXXXXXXXXXXXXXX";
var VERSION = "";
var SCRIPTINFO = { version: "", startat: "", step : "", only : "" };
var ADMINDIR = "../cp_admin";
And guess what, it can be reversed in 5 minutes from what I've seen. Customer numbers are what, 12 symbols A-Z0-9? I guess there are even DBs that contain all possible MD5s with those values. So they get my customer number and execute the upgrade script and create a new account from the upgrade script... Why did you even bother giving them the MD5 of the answer and the link to the admin control panel? So yes, delete your install folder entirely or move it outside of your forum ASAP.
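A defender-side version of the log review the post describes, as an added example that is not part of the original post: it scans web access logs for requests to scripts under /install/ and reports which clients received a successful response. The log lines, the /forum/ path prefix, the `admin_ips` parameter and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines ("combined" format); not taken from the original post.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2014:03:14:07 +0000] "GET /forum/install/upgrade.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2014:03:14:41 +0000] "POST /forum/install/upgrade.php HTTP/1.1" 200 8342 "-" "Mozilla/5.0"
203.0.113.20 - - [12/Mar/2014:03:15:02 +0000] "GET /forum/index.php HTTP/1.1" 200 20311 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2014:04:01:55 +0000] "GET /forum/install/install.php HTTP/1.1" 404 312 "-" "curl/7.30"
192.0.2.10 - - [12/Mar/2014:09:30:00 +0000] "GET /forum/install/upgrade.php?step=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# Fields needed from each line: client IP, timestamp, method, request path, status code.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# Any PHP script directly inside an install/ directory (upgrade.php, install.php, ...).
INSTALL_RE = re.compile(r'/install/[^/]+\.php$', re.IGNORECASE)

def install_hits(log_text, admin_ips=()):
    """Group requests to /install/*.php by client IP, skipping known admin IPs.

    admin_ips is a hypothetical allow-list of addresses the site owner upgrades from.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["ip"] in admin_ips:
            continue
        path = m["path"].split("?", 1)[0]  # drop the query string before matching
        if INSTALL_RE.search(path):
            hits[m["ip"]].append((m["ts"], m["method"], path, int(m["status"])))
    return dict(hits)

def served(hits):
    """IPs that got a 2xx from an install script, meaning the script was still reachable."""
    return sorted(ip for ip, reqs in hits.items() if any(200 <= r[3] < 300 for r in reqs))

if __name__ == "__main__":
    found = install_hits(SAMPLE_LOG, admin_ips={"192.0.2.10"})
    for ip in served(found):
        for ts, method, path, status in found[ip]:
            print(f"{ip} {ts} {method} {path} -> {status}")
```

Once the install folder has been deleted or moved as the post advises, the same requests show up with 404 responses and `served` returns an empty list.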