Go Back   vb.org Archive > Community Central > Community Lounge

Reply
 
Thread Tools Display Modes
  #11  
Old 02-02-2018, 11:50 AM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by IggyP View Post
hmm this is a different mod than the OP linked...fwiw...
Different mod and different mod author.
Reply With Quote
  #12  
Old 02-05-2018, 09:31 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

o.O apparently so ^ there were two reported posts and I clicked on the wrong link! Sometimes oversight is awesome .
Reply With Quote
  #13  
Old 02-08-2018, 03:01 AM
X-or X-or is offline
 
Join Date: Nov 2005
Posts: 201
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Dave View Post
I checked the code and couldn't find the SQL injection backdoor, the email address gathering script is in there though but it doesn't do anything since the site it sends requests to is no longer online.
Email address gathering script?
Isn't it against the rules?

--------------- Added [DATE]1518132620[/DATE] at [TIME]1518132620[/TIME] ---------------

@Dave , could you please provide more details about this email gathering script? Sounds like a very malicious thing.
Reply With Quote
  #14  
Old 07-31-2018, 09:16 AM
X-or X-or is offline
 
Join Date: Nov 2005
Posts: 201
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nobody wants to audit this product, really?

Again I would like to stress the webmaster email was leaked after installing this product....
And maybe the whole database, who knows...
Also this is a product that outputs utterly nonsensical results which only adds to the suspicion
Is this site dead or something, why nobody looks into it
Reply With Quote
Благодарность от:
muratmunich
  #15  
Old 07-31-2018, 02:59 PM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by X-or View Post
Nobody wants to audit this product, really?

Again I would like to stress the webmaster email was leaked after installing this product....
And maybe the whole database, who knows...
Also this is a product that outputs utterly nonsensical results which only adds to the suspicion
Is this site dead or something, why nobody looks into it
All of the above? The mod hasn't been updated in over 5 years. It probably doesn't even work on PHP 7. If you are unsure about using it, don't use it. If the results are "nonsensical" than it is no loss.

Is the site dead? Not technically, we're posting here... but it is a fraction of what it used to be and even 5 years ago it was a fraction of what it was 5 years before that.
Reply With Quote
  #16  
Old 07-31-2018, 03:13 PM
X-or X-or is offline
 
Join Date: Nov 2005
Posts: 201
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by BirdOPrey5 View Post
The mod hasn't been updated in over 5 years.
Why does it say "Last Update: 14 Apr 2017" ?
Is this information inaccurate?
Reply With Quote
  #17  
Old 07-31-2018, 03:18 PM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hmmm... somehow I thought this was about this mod: https://vbulletin.org/forum/showthread.php?t=241481

Oh it's because I followed the link in The Last Superman's post (#8) and assumed it was the mod in question, my bad.

I wouldn't use the mod in this post either.

--------------- Added [DATE]1533059424[/DATE] at [TIME]1533059424[/TIME] ---------------

Quote:
Originally Posted by X-or View Post
https://vborg.vbsupport.ru/showthread.php?t=324918

Can someone audit this plugin for potential malicious code?
The nonsensical results of the plugin and the apathy of the author are worrying me a lot.
Here's a mirror : https://www.sendspace.com/file/05icvb
I did a light audit... I looked through the main php file and searched for some common means of collecting/sending data and didn't notice or find anything suspicious.

It's by no means me saying it's safe to use, but there is nothing obvious to me to worry about.

I have no intention of using or installing.
Reply With Quote
  #18  
Old 08-04-2018, 06:56 PM
final kaoss final kaoss is offline
 
Join Date: Apr 2006
Posts: 1,314
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by X-or View Post
https://vborg.vbsupport.ru/showthread.php?t=324918

Can someone audit this plugin for potential malicious code?
The nonsensical results of the plugin and the apathy of the author are worrying me a lot.
Here's a mirror : https://www.sendspace.com/file/05icvb
Just gave it a check;
there's a link to a dead site in the xml description of it. (fuelmyforums)
and a small .js from the google cdn, all is fine here. (<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>)

The fastest way for someone who isn't used to coding imho is to look is to open the files and do a search for "//" without the quotation marks and you'll easily find any links which could be used to send info to a external site.. Or just give a quick look through of all the files like I did.
Reply With Quote
Благодарность от:
X-or
  #19  
Old 08-05-2018, 04:09 PM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by final kaoss View Post
Just gave it a check;
there's a link to a dead site in the xml description of it. (fuelmyforums)
and a small .js from the google cdn, all is fine here. (<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>)

The fastest way for someone who isn't used to coding imho is to look is to open the files and do a search for "//" without the quotation marks and you'll easily find any links which could be used to send info to a external site.. Or just give a quick look through of all the files like I did.
Those up to no good could purposely hide this kind of code though, so be aware if you don't find any it doesn't mean it's 100% safe.
Reply With Quote
Благодарность от:
X-or
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:58 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05393 seconds
  • Memory Usage 2,259KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (7)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (9)post_thanks_box
  • (3)post_thanks_box_bit
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete