The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
06-24-2008, 07:40 PM
|
|||
|
|||
weird user maybe a hacker
this morning around 5am i went to who is online and i saw someone using one of my test account on our board and where his ip should be only say server2 then i click on resolve ip and i get 127.0.0.1 i delete the test account and he was trying to login using different admin names from forum leader list .Then I make all admins regular users just to be safe .
this for me is the first time i get someone with a ip like that because 127.0.0.1 should be local host .or I wrong? any idea where i should look first ? 
|
|
#3
06-24-2008, 07:59 PM
|
|||
|
|||
|
that IP is simple to use... someone with a website hosted on the same server as you are, using a shelled page... automated login via localhost access... basic, first thing a newbie hacker would do to trick a forum from phpBB...
|
|
#4
06-24-2008, 09:47 PM
|
||||
|
||||
|
Well, since there aren't any currently known security issues with vBulletin, as long as your passwords are secure and relatively complex and you follow the basic security tips given out on the official site this user shouldn't succeed...
|
|
#6
06-24-2008, 11:08 PM
|
||||
|
||||
|
Well if they were trying something tried on phpBB boards, then trying said technique on a vBulletin powered board, despite vBulletin being coded completely differently other than using PHP and MYSQL would not exactly make me think said 'hacker' was too competent.
That and I doubt Jelsoft would leave yet another security problem in vBulletin that somehow went undetected for months despite many great coders having used the software and probably would have reported any security problems they found...
|
|
#7
06-25-2008, 12:12 AM
|
|||
|
|||
|
Quote:
|
|
#8
06-25-2008, 12:18 AM
|
||||
|
||||
|
Unless other users use that IP, no.
|
|
#9
06-25-2008, 11:06 AM
|
|||
|
|||
|
Quote:
 As I've said, exploits are always found by the bad guys first. Not every security issue is that noticeable, even with quality coders using vBulletin.
|
|
#10
06-25-2008, 07:49 PM
|
|||
|
|||
|
OK today he finally got a hold of my user account since he can only log as a user but cant can to control panel since we have a second password to it .
also he did same thing in our second site . he post in our staff area that he using a sql injection i am in the process of remove same hacks install in both sites to see if that help. server login was change ,ftp login was change basically all password was change and i ban ip 127.0.0.1 now will re upload all vb files again . anything i forgetting ?
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 01:18 PM.