Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 10-31-2015, 06:20 PM
shimei shimei is offline
 
Join Date: Feb 2015
Posts: 216
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Vbulletin.com hacked

For us VB5 owners.... I hope they fill us in when they have it figured out.

Reply With Quote
  #2  
Old 10-31-2015, 06:21 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I just noticed as well, apparently Cold had Zero things to do on a Saturday, I'd hate to be so lonely myself!
Reply With Quote
  #3  
Old 10-31-2015, 06:27 PM
shimei shimei is offline
 
Join Date: Feb 2015
Posts: 216
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Had a guy come onto my site yesterday. He claimed to be using a program that could create registered accounts, and used some 200 proxies. I believe he referred to it as xrumer profiles. Supposedly he creates hacks and sells them.

Of course the only thing I could do was to manually moderate new accounts. He created another account near instantaneous.
Reply With Quote
  #4  
Old 10-31-2015, 06:28 PM
bridge2heyday's Avatar
bridge2heyday bridge2heyday is offline
 
Join Date: Aug 2014
Location: Egypt
Posts: 141
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is Very Bad , I think it will have a big effect on vbulletin
Reply With Quote
  #5  
Old 10-31-2015, 06:32 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You can still access the members area via https://members.vbulletin.com

It appears to have only been the forums, the main home page and all subsequently related pages work along with the members area as well.

If your vB5 forum is hacked, close the board and await an announcement and new security patch because currently since we (the public) do not know the exploit used, overwriting with fresh files from a version with an apparent exploit won't be of much use.

*Although to be fair this could have been some other form of exploit... server possibly however I doubt that based on it only being the vB5 powered forums down currently - we honestly do not know yet . *This may also be something that affected the specific version on vbulletin.com, meaning that usually they run a slightly newer version than what is currently released so it's entirely possible only their version was compromised and no others are at risk however that's dependent on a number of factors.

Is it bad? Well sure no one likes being defaced that way but let's not start a panic and have chaos ensue in this thread, we'll know more soon .
Reply With Quote
  #6  
Old 10-31-2015, 06:40 PM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Now the question is if it got hacked because of a vBulletin 5 exploit or something else. Looking at the amount of vBulletin 5 vulnerabilities in the past, it does not surprise me if it's a vBulletin 5 exploit.
Reply With Quote
  #7  
Old 10-31-2015, 06:43 PM
bridge2heyday's Avatar
bridge2heyday bridge2heyday is offline
 
Join Date: Aug 2014
Location: Egypt
Posts: 141
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The hacker in his Facebook page says he lost control , He claims he could control the site for 1 minute only .
Reply With Quote
  #8  
Old 10-31-2015, 06:45 PM
napy8gen napy8gen is offline
 
Join Date: Jan 2006
Location: port ++++son
Posts: 519
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How many times vbulletin.com hacked since 2001 and what version?
Reply With Quote
  #9  
Old 10-31-2015, 06:50 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Dave View Post
Now the question is if it got hacked because of a vBulletin 5 exploit or something else. Looking at the amount of vBulletin 5 vulnerabilities in the past, it does not surprise me if it's a vBulletin 5 exploit.
LOL I was editing my post rewording it with something along those lines before I saw your post .

Quote:
Originally Posted by bridge2heyday View Post
The hacker in his Facebook page says he lost control , He claims he could control the site for 1 minute only .
More than likely due to all the security they have in place to prevent things like this from occurring. Why are you on his facebook page? Silly to even bother visiting it imo, trash all looks the same.

Quote:
Originally Posted by napy8gen View Post
How many times vbulletin.com hacked since 2001 and what version?
I only know of one other time, I barely recall another time before that but can't say for sure. I know the p0wetards... err I mean p0wersurge folks were able to pull it off a while back. I can only vouch for twice myself.
Reply With Quote
  #10  
Old 10-31-2015, 07:01 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by shimei View Post
Had a guy come onto my site yesterday. He claimed to be using a program that could create registered accounts, and used some 200 proxies. I believe he referred to it as xrumer profiles. Supposedly he creates hacks and sells them.

Of course the only thing I could do was to manually moderate new accounts. He created another account near instantaneous.
I laugh at XRumer. defeated long ago.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:11 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04211 seconds
  • Memory Usage 2,264KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete