Go Back   vb.org Archive > Community Central > Community Lounge

Reply
 
Thread Tools Display Modes
  #11  
Old 10-31-2015, 07:05 PM
shimei shimei is offline
 
Join Date: Feb 2015
Posts: 216
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
I laugh at XRumer. defeated long ago.
I have no idea what it is. Could you please elaborate, any suggestions?
Reply With Quote
  #12  
Old 10-31-2015, 07:35 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I hope or accounts are all safe do we need to change or passwords on all sites of vb
Reply With Quote
  #13  
Old 10-31-2015, 07:38 PM
final kaoss final kaoss is offline
 
Join Date: Apr 2006
Posts: 1,314
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ForceHSS View Post
I hope or accounts are all safe do we need to change or passwords on all sites of vb
They should be safe if all they got were 1 minute of access. Not nearly enough time to do a mysql dump. If you're super paranoid about it, it can't hurt to be safe & change the login details.
Reply With Quote
  #14  
Old 10-31-2015, 07:41 PM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well dumping just the username, password, salt and email column of the user table shouldn't take too long. You can gather a lot of information in just 1 minute.

Let's hope vBulletin makes an announcement regarding this because I'm really curious what happened and what damage the "hackers" managed to do.
Reply With Quote
  #15  
Old 10-31-2015, 07:43 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by final kaoss View Post
They should be safe if all they got were 1 minute of access. Not nearly enough time to do a mysql dump. If you're super paranoid about it, it can't hurt to be safe & change the login details.
A lot can be done in one min
Reply With Quote
  #16  
Old 10-31-2015, 08:09 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ForceHSS View Post
I hope or accounts are all safe do we need to change or passwords on all sites of vb
I would wait to change, if it's still showing as hacked we don't know what level of extent the hack was i.e. shell script uploaded? Logging user logins? No clue other than the defaced forum currently but point being no need to change if being logged or if still hacked.

Quote:
Originally Posted by final kaoss View Post
They should be safe if all they got were 1 minute of access. Not nearly enough time to do a mysql dump. If you're super paranoid about it, it can't hurt to be safe & change the login details.
Who says they wanted anything from the database? The whole point could have been to gain access and deface or some other motive. It's not always about getting info, sometimes it's about injection and other methods.

Quote:
Originally Posted by Dave View Post
Well dumping just the username, password, salt and email column of the user table shouldn't take too long. You can gather a lot of information in just 1 minute.

Let's hope vBulletin makes an announcement regarding this because I'm really curious what happened and what damage the "hackers" managed to do.
Paul is on vacation so someone else we be fixing this, with it being Halloween if they have kids... well not sure if they'll be in sooner or later on a Saturday. I would guess that others are lined up to take care of issues like this, they have someone looking at it already if I had to guess .

Quote:
Originally Posted by ForceHSS View Post
A lot can be done in one min
Yes it can, then again depends on who is in there during that one minute.
Reply With Quote
  #17  
Old 10-31-2015, 08:46 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's back up everyone .

So someone took the time to fix this on a Saturday, for that I'm thankful .

Edit: I spoke too soon! I was on this page when refreshing:
http://www.vbulletin.com/forum/forum...google-adsense

^Which does come up now, so it seems only the forumhome page remains defaced. Soon as someone is working on it else the thread would not be coming up now .
Reply With Quote
  #18  
Old 10-31-2015, 08:48 PM
shimei shimei is offline
 
Join Date: Feb 2015
Posts: 216
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by TheLastSuperman View Post
It's back up everyone .

So someone took the time to fix this on a Saturday, for that I'm thankful .

Edit: I spoke too soon! I was on this page when refreshing:
http://www.vbulletin.com/forum/forum...google-adsense

^Which does come up now, so it seems only the forumhome page remains defaced. Soon as someone is working on it else the thread would not be coming up now .
Betcha you were sweating when you noticed the VB5 owners beginning to form a mob and grabbing pitch forks. Just curious will you be our VB spokesperson for damage control?
Reply With Quote
  #19  
Old 10-31-2015, 08:57 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by shimei View Post
Betcha you were sweating when you noticed the VB5 owners beginning to form a mob and grabbing pitch forks. Just curious will be VB spokesman for damage control?
Nah not really, tons of sites are hacked daily... granted someone with big basketballs tries to hack an official site either that or a very intelligent idiot which contrary to popular belief and contrary to being a contradiction in themselves do exist!

I will not be the spokesperson for damage control, I just moderate here on the org and do not work for vBulletin any longer (have not for a while now but great people there I will say that!). I just wanted to make sure everyone was ok here with what was going on there and as you can see they're making progress already else that thread I linked to would still have the same message up instead of actual content.

We all need to wait for an official announcement before speculating too much. It's always over speculation and assumptions that lead to the naysayers and now-fanboys of other software to start bombing this thread with banter and one-sided comments about the software's flaws and other tidbits of utterly useless information when they don't know anything until vB discloses it.

So please don't assume or speculate in a negative way - opinions are just that but overextending your imagination only works well with toys .
Reply With Quote
  #20  
Old 10-31-2015, 09:01 PM
shimei shimei is offline
 
Join Date: Feb 2015
Posts: 216
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, I think you're doing a wonderful job and have been extremely helpful.

Thanks,
William
Reply With Quote
Благодарность от:
ForceHSS
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:38 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06258 seconds
  • Memory Usage 2,269KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (9)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (10)post_thanks_box
  • (1)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete