Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
Reload this Page Finding vulnerability allowing hack?
FAQ Community Calendar Today's Posts Search

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 06-23-2015, 10:56 AM
wolfey wolfey is offline
 
Join Date: Nov 2009
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Finding vulnerability allowing hack?
Just noticed that from yesterday someone has logged into admin and was running some scripts unauthorized.

And just now, I seen a new plugin get created which I deleted right away

I have already changed permissions for that admin and password, but I think they can use any as I seen my name used from a Russian ip address.

What an I do to find & remove their way in?

Here is log shot from first attack:
30151 smolinaro 12:16, 22nd Jun 2015 plugin.php update plugin id = 1869 178.73.196.73
30150 smolinaro 12:15, 22nd Jun 2015 plugin.php edit plugin id = 1869 178.73.196.73
30149 smolinaro 12:15, 22nd Jun 2015 plugin.php update plugin id = 1869 178.73.196.73
30148 smolinaro 12:15, 22nd Jun 2015 modlog.php choose 178.73.196.73
30147 smolinaro 12:14, 22nd Jun 2015 plugin.php edit plugin id = 1869 178.73.196.73
30146 smolinaro 12:13, 22nd Jun 2015 plugin.php 178.73.196.73
30145 smolinaro 12:13, 22nd Jun 2015 plugin.php update 178.73.196.73
30144 smolinaro 12:06, 22nd Jun 2015 plugin.php add 178.73.196.73
30143 smolinaro 12:05, 22nd Jun 2015 plugin.php files 178.73.196.73
30142 smolinaro 12:05, 22nd Jun 2015 plugin.php modify 178.73.196.73
30141 smolinaro 11:59, 22nd Jun 2015 cronadmin.php edit 178.73.196.73
30140 smolinaro 11:58, 22nd Jun 2015 adminlog.php choose 178.73.196.73
30139 smolinaro 11:57, 22nd Jun 2015 subscriptions.php transactions 178.73.196.73
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:19 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03619 seconds
  • Memory Usage 2,385KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (6)post_thanks_box
  • (1)post_thanks_box_bit
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (6)post_thanks_postbit_info
  • (6)postbit
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)showthread_list
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_threadedmode.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids_threaded
  • showthread_threaded_construct_link
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete