#31
02-24-2002, 01:32 PM
Wolf42
Join Date: Nov 2001
Location: Vienna, Austria, Europe
Posts: 150

No, on the top of the file.

If adding "<?php", however, same error.

#32
02-24-2002, 01:40 PM
Wolf42
Join Date: Nov 2001
Location: Vienna, Austria, Europe
Posts: 150

Just checked, PHP 4.0.6 is running.

#33
02-24-2002, 03:36 PM
Scott MacVicar
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199

ok the top of config.php should look like

PHP Code:
<?php

// Stop unless the translated script path contains the document root
if(!strstr("$HTTP_SERVER_VARS[PATH_TRANSLATED]", "$HTTP_SERVER_VARS[DOCUMENT_ROOT]")) {
  die();
}
/////////////////////////////////////////////////////////////
// Please note that if you get any errors when connecting, //
// that you will need to email your host as we cannot tell //
// you what your specific values are supposed to be        //
/////////////////////////////////////////////////////////////

#34
02-25-2002, 01:53 AM
ptbyjason
Join Date: Dec 2001
Location: TX
Posts: 116

Reading over this, I appreciate the thought that went into it.

I now know who and why they did this to our vbulletin. nakkid knows the details of it and I am sure the proper people will know. It could have been a database hack or a hack into vbulletin since it was 2.03. I don't know. I still want to believe it was a database hack, but the time frame between this guy getting mad and the time that he hacked the website was very short. Whatever it was, he did it fast, got in, and then got out. We will be checking the logs tomorrow and hopefully will have more detail on what happened. I will inform nakkid and if James, PPN, or Firefly want to know you can get in touch with me or get in touch with Nakkid. Either way, I just don't want this to happen to anyone again. I will be in touch about it as soon as I find out how he got in.

#35
02-25-2002, 03:13 AM
eva2000
Join Date: Oct 2001
Location: Brisbane, Australia
Posts: 577

also update your IE browsers for the latest security bug fixes, some are pretty nasty and could expose your entire hard drive to crackers...

i.e.

Another IE security/critical update patch here http://www.microsoft.com/windows/ie/...89/default.asp

Quote:
Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files

Technical description:


Frames are used in Internet Explorer to provide for a fuller browsing experience. By design, scripts in the frame of one site or domain should be prohibited from accessing the content of frames in another site or domain. However, a flaw exists in how VBScript is handled in IE relating to validating cross-domain access. This flaw can allow scripts of one domain to access the contents of another domain in a frame.

A malicious user could exploit this vulnerability by using scripting to extract the contents of frames in other domains, then sending that content back to their web site. This would enable the attacker to view files on the user's local machine or capture the contents of third-party web sites the user visited after leaving the attacker's site. The latter scenario could, in the worst case, enable the attacker to learn personal information like user names, passwords, or credit card information.

In both cases, the user would either have to go to a site under the attacker's control or view an HTML email sent by the attacker. In addition, the attacker would have to know the exact name and location of any files on the user's system. Further, the attacker could only gain access to files that can be displayed in a browser window, such as text files, HTML files, or image files.


http://www.microsoft.com/technet/tre...n/MS02-009.asp
Tools -> Windows Update -> Product Updates -> Check Critical Updates -> Download

which will download and install the latest bug fixes for IE browsers

#36
02-25-2002, 06:59 AM
Wolf42
Join Date: Nov 2001
Location: Vienna, Austria, Europe
Posts: 150

Thanks! Now it's working.

#37
02-25-2002, 11:27 AM
ptbyjason
Join Date: Dec 2001
Location: TX
Posts: 116

If anyone is from Sweden or can speak Swedish, we could use your help if you would like to help us find this guy. We just need a little bit of help. We have a lot of the info on him already, but we don't speak the language.

Thanks,
Jason

#38
02-26-2002, 03:10 PM
Scott MacVicar
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199

I got those patches last week eva, there seems to be a new one from Micro$soft every couple of months, I'm glad that Bill decided to focus on security

#39
02-26-2002, 11:00 PM
TECK
Join Date: Nov 2001
Location: Canada
Posts: 4,182

thanks a lot for the info.

#40
08-20-2006, 02:07 AM
Watched
Join Date: Sep 2005
Posts: 40

i hate to dredge up an old topic.. but i've recently had the same problem with a member of mine hacking the crap outta my forum.. so i was wondering.. what are the minimum chmod values i should have set per file to keep .. users.. out.. and.. if i were to go into cpanel and simply pass protect the entire admincp directory.. would that do the same as listed above since it requires me to login now not only to the acp but also to the pass protected directory before i can ever see the acp?