Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
  #1  
Old 06-18-2007, 12:13 PM
zappsan's Avatar
zappsan zappsan is offline
 
Join Date: Sep 2004
Posts: 188
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Hacking attempt?

A few minutes ago, I saw a guest on my forums who had the following listed as their action in the "Who is online": (removed)

When I looked at the link (removed) I found a strange script file.
Was this a hacking attempt?

Nothing happened, I also don't have ImPex on my forums.

Any idea what this thing is trying to do?
Reply With Quote
  #2  
Old 06-18-2007, 12:17 PM
Distance's Avatar
Distance Distance is offline
 
Join Date: Jul 2006
Location: Boston, Uk
Posts: 725
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You're right. That does look really suspicious. It has several references to MD5 hashes in there too

Edit; I got told that thats a spider trying to find vulnerable forums
Reply With Quote
  #3  
Old 06-18-2007, 12:27 PM
no mods's Avatar
no mods no mods is offline
 
Join Date: Apr 2007
Posts: 488
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

woo clicked the link and got a new virus on my computer, just dandy.
Reply With Quote
  #4  
Old 06-18-2007, 12:43 PM
Distance's Avatar
Distance Distance is offline
 
Join Date: Jul 2006
Location: Boston, Uk
Posts: 725
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I highly doubt thats true lol
Reply With Quote
  #5  
Old 06-18-2007, 01:16 PM
no mods's Avatar
no mods no mods is offline
 
Join Date: Apr 2007
Posts: 488
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The little red aol box poped up when I clicked it saying we have found a virus, but were not able to stop or delete it. Its wonderful having aol security.
Reply With Quote
  #6  
Old 06-18-2007, 01:25 PM
Distance's Avatar
Distance Distance is offline
 
Join Date: Jul 2006
Location: Boston, Uk
Posts: 725
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Its not wonderful having aol at all

Bt Business FTW (Nod32 for viruses)
Reply With Quote
  #7  
Old 06-18-2007, 02:10 PM
no mods's Avatar
no mods no mods is offline
 
Join Date: Apr 2007
Posts: 488
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Eh everytime I try and install some anti virus program my internet stops working.
Reply With Quote
  #8  
Old 06-18-2007, 03:35 PM
zappsan's Avatar
zappsan zappsan is offline
 
Join Date: Sep 2004
Posts: 188
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by no mods View Post
woo clicked the link and got a new virus on my computer, just dandy.
Sorry
When I opened the page, I had no problems and I didn't expect a text file to cause any harm :/
I hope that didn't mess up your system

So it's looking for vulnerable forums?
Vulnerable in which way?
The thing looked for an ImPex directory on my board, does that mean it could make use of it in some way?
It also included that Arcade link in the URL.

I was kinda shocked when I saw that thing, it kinda scared me aswell as the text file.
I've never been hacked before...
Reply With Quote
  #9  
Old 06-18-2007, 04:12 PM
dyna88 dyna88 is offline
 
Join Date: Dec 2006
Location: Wisconsin
Posts: 164
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Older versions of ImPex had a RFI exploit I believe
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:41 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05265 seconds
  • Memory Usage 2,233KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete