  #1  
10-24-2008, 09:24 PM
Taragon
Join Date: Sep 2007
Location: The Netherlands
Posts: 390
Awkward files in customavatars?!

Hello,

Currently I have it set to store all avatars on my server.

Could someone identify these files perhaps? And how to avoid this in the future?

/customavatars
drevelation.php
Inbox.php
unknowntask.php

/customavatars/ise/ise/ise/ise/hour/halifax-online.co.uk/secure/_mem_/formslogin.asp/
.htaccess
Drop3PostLaunch.php
finish.php
index.html
index11.gif
rurCaptureContactDetails.php
rurCaptureSecurityQuestions.php
updatepersonaldetails.php

  #2  
10-24-2008, 10:23 PM
Lynne
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180

Those files don't look like they are up to any good at all. - Capture Contact Details? Capture Security Questions? Drop 3 Post (on) Launch? Have you been having any site problems lately?

  #3  
10-24-2008, 10:34 PM
Taragon
Join Date: Sep 2007
Location: The Netherlands
Posts: 390

Hi Lynne,

No, none at all. Also I just recently made this alteration. Those who had/have access I completely trust.
I somehow seem to be unable to remove them, therefore I contacted my host.

Since I just set/changed my avatar storage type, could you please confirm I had to chmod my /customavatars to 777?

  #4  
10-24-2008, 10:56 PM
SEOvB
Join Date: May 2007
Location: Indianapolis
Posts: 2,451

777 or 755 will work, depending on your hosting configuration.

  #5  
10-24-2008, 11:08 PM
Lynne
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180

You may want to ask your host for help to find out how those files got onto your server. Do it soon because logs get rotated and you may not have them around for much longer.

  #6  
10-26-2008, 03:50 AM
Amenadiel
Join Date: Sep 2006
Posts: 171

It seems to me someone uploaded hacking PHP scripts using the avatar upload capabilities and/or used the 777 permissions to move files there.

Can you post the content of drevelation.php?
Reply With Quote
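
An added example, not part of the original thread and not vBulletin code: a Python audit of an avatar upload directory for the conditions raised above (script files among the images, nested directories, the world-writable 777 mode). The file names and contents in `demo()` are constructed, modelled on the listing in the first post, and the flat, images-only policy is an assumption.

```python
import os
import stat
import tempfile

# Leading bytes of the image types an avatar store is expected to hold.
IMAGE_MAGIC = {
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",),
}

def audit_upload_dir(root):
    """Return sorted (relative_path, reason) findings for an upload directory."""
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        if os.stat(dirpath).st_mode & stat.S_IWOTH:
            findings.append((rel_dir, "world-writable directory"))
        if rel_dir != ".":  # assumed policy: avatars live in one flat directory
            findings.append((rel_dir, "unexpected subdirectory"))
        for name in filenames:
            rel = os.path.normpath(os.path.join(rel_dir, name))
            magic = IMAGE_MAGIC.get(os.path.splitext(name)[1].lower())
            if magic is None:  # .php, .htaccess, .html, no extension, ...
                findings.append((rel, "not an image extension"))
                continue
            with open(os.path.join(dirpath, name), "rb") as fh:
                if not fh.read(8).startswith(magic):
                    findings.append((rel, "content does not match extension"))
    return sorted(findings)

def demo():
    """Audit a constructed tree modelled on the listing in the first post."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "ise", "secure"))  # constructed nesting
        os.chmod(root, 0o777)  # the mode discussed in the thread
        samples = {  # constructed contents, harmless placeholders only
            "avatar1_1.gif": b"GIF89a\x01\x00\x01\x00",  # real GIF header
            "avatar2_1.gif": b"<?php /* placeholder */",  # script named .gif
            "drevelation.php": b"<?php /* placeholder */",
            os.path.join("ise", "secure", ".htaccess"): b"# placeholder",
            os.path.join("ise", "secure", "index11.gif"): b"GIF89a\x01\x00",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return audit_upload_dir(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A clean audit does not replace configuring the web server so that scripts in the upload directory are never executed.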

  #7  
10-31-2008, 04:48 PM
GreigScott
Join Date: Jul 2008
Location: Scotland :]
Posts: 83

Some people, for starters, you can't trust. And ask your host.
All times are GMT.