Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page Vbulletin.com hacked
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #31  
Old 11-04-2015, 11:25 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I dont really see how thats relevant, ssh was not involved in this attack.
Reply With Quote
  #32  
Old 11-05-2015, 11:13 AM
Skyrider Skyrider is offline
 
Join Date: Feb 2006
Location: Netherlands
Posts: 1,392
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Paul M View Post
I dont really see how thats relevant, ssh was not involved in this attack.
According to many sites, it was:

Quote:
5.x.x hacked by Coldzer0 today. Licences & database dumped, shell on server. vBulletin denied
and

Quote:
vBsecurity team from yesterday and they can’t catch it.

and here’s the most weird thing

they using F5 on there servers and didn’t detect my shell or even detecting my traffic
As such he had shell access. Hence my question still stands .
Reply With Quote
  #33  
Old 11-05-2015, 02:13 PM
squidsk's Avatar
squidsk squidsk is offline
 
Join Date: Nov 2010
Posts: 969
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Skyrider View Post
According to many sites, it was:



and



As such he had shell access. Hence my question still stands .
You do realize that if due to the security issue he was able to execute arbitrary code on the server he could give himself shell access, so whether or not he ended up with shell access is irrelevant since it wasn't the shell access itself that was the access point for the breach, which is exactly what Paul was saying.

This would be like worrying about whether the door to your house is well enough protected when the thief came in from the window but was removing items from the door once they were inside.
Reply With Quote
Благодарность от:
TheLastSuperman
  #34  
Old 11-05-2015, 02:19 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
That was issuing shell commands from a php program, not quite the same as direct ssh access.

I dont think it would make our IT guys very happy if I were to start discussing what IB uses, so Im not going to.
Reply With Quote
Благодарность от:
TheLastSuperman
  #35  
Old 11-05-2015, 08:23 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
  
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by squidsk View Post
This would be like worrying about whether the door to your house is well enough protected when the thief came in from the window but was removing items from the door once they were inside.
I'm only worried about how Santa has been coming in these past few years... we have no Chimney!


BAHAHAHAHAHAHA! Sorry, thought we could use some comic relief in here .
Reply With Quote
Благодарность от:
blind-eddie
  #36  
Old 12-14-2015, 11:04 PM
Maghrebia's Avatar
Maghrebia Maghrebia is offline
 
Join Date: Dec 2015
Location: Amsterdam
Posts: 62
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Is this only for vb 5 happened? Is vb 4 safe?
Reply With Quote
Благодарность от:
RichieBoy67
  #37  
Old 12-15-2015, 01:13 AM
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Location: CT - Down in a hole..
Posts: 3,057
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Maghrebia View Post
Is this only for vb 5 happened? Is vb 4 safe?
Use the latest patch and take precautions and I think it is very secure.
Reply With Quote
  #38  
Old 12-15-2015, 08:54 AM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
  
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
The hack that spawned this thread was only against VB5. VB3 and VB4 were not vulnerable.

That said it is always important to stay up date on the latest patch/version for whatever branch you are using (3.x branch, 4.x branch. or 5.x branch.)

Emails occasionally don't get delivered so it's also a good idea to check the Announcements forum on vBulletin.com or the portal here to keep up with major announcements.
Reply With Quote
Reply
Page 4 of 4 « First 23 4

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 05:14 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09016 seconds
  • Memory Usage 2,246KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (8)post_thanks_box
  • (4)post_thanks_box_bit
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete