  #41  
Old 09-25-2008, 08:15 PM
RS25com RS25com is offline
 
Join Date: Dec 2001
Posts: 87
Thanks given: 0 times
Thanked: 0 times in 0 posts

Interesting. Sounds like he is saying the script he used to exploit the site was already installed elsewhere on the server. Quite a bummer.

For reference, I host with Hostgator (dedicated server) and after getting hacked a few times in the past (uploading the .txt shell script files) I had them install mod_security and use the same ruleset they use on their public hosting servers. So far I have not been exploited since.
  #42  
Old 09-26-2008, 08:04 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Thanks given: 0 times
Thanked: 0 times in 0 posts

Quote:
i was have phpshell script on the server that ur site has hosted on . .

but i was user and it mean that i can only read files from other sites on the server

These 2 lines are the key in this whole conversation.

It simply means that your host has not secured the shared server you are on. Other customers of this host can read your files. As long as this is possible, nothing you do will stop someone:

Solutions:
- Contact your host and have them bring their security up to date.
- Change host!!!!
  #43  
Old 10-10-2008, 01:37 AM
clasione clasione is offline
 
Join Date: Aug 2004
Location: NY
Posts: 76
Thanks given: 0 times
Thanked: 0 times in 0 posts

As far as I know this has nothing to do with plugins... This happened to two of my forums. I upgraded to the latest version and it just happened again... I host with Rackspace, which went over my machine looking for vulnerabilities the first time this happened...

I think it is a hole in vBulletin.

Is there a way to lock the spacer_open table in the database to stop them from inserting their code?

--------------- Added [DATE]1223661876[/DATE] at [TIME]1223661876[/TIME] ---------------

this is a pretty decent size vulnerability... happened to me again...
  #44  
Old 10-31-2008, 01:00 AM
hantousha hantousha is offline
 
Join Date: Jan 2007
Posts: 10
Thanks given: 0 times
Thanked: 0 times in 0 posts

I am having the same problem with being hacked very often by someone placing base64 code. Have we found a fix? I changed hosts, did a clean install of 3.73PL1, and am still able to be hacked.
  #45  
Old 10-31-2008, 06:08 AM
UKBusinessLive UKBusinessLive is offline
 
Join Date: Sep 2008
Location: Essex, United Kingdom
Posts: 1,637
Thanks given: 0 times
Thanked: 0 times in 0 posts

Just to be extra safe, guys, make sure you check your file/folder permissions.

FILE permissions shouldn't be higher than 644

FOLDER permissions shouldn't be higher than 755

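The 644/755 limits from post #45, turned into an audit script. This is an added example and not part of the thread: it assumes GNU find (for `-perm /MASK` and `-printf`), reads "higher than" as "any permission bit outside 644 or 755", and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Requires GNU find (-perm /MASK, -printf).

# Regular files with any bit outside rw-r--r-- (644):
# mask 6133 = setuid/setgid, any execute bit, group write, other write.
files_over_644() {
    find "$1" -type f -perm /6133 -printf '%m %p\n'
}

# Directories with a write bit outside rwxr-xr-x (755): mask 0022.
dirs_over_755() {
    find "$1" -type d -perm /0022 -printf '%m %p\n'
}

# Clear only the excess bits instead of forcing one mode on everything,
# so files that are already stricter (for example 600) stay as they are.
fix_perms() {
    find "$1" -type f -perm /6133 -exec chmod u-xs,g-wxs,o-wx {} +
    find "$1" -type d -perm /0022 -exec chmod go-w {} +
}

# Usage: sh audit.sh /path/to/forum [--fix]   (the path is a placeholder)
if [ "$#" -ge 1 ]; then
    echo "Files over 644:";   files_over_644 "$1"
    echo "Folders over 755:"; dirs_over_755 "$1"
    if [ "${2:-}" = "--fix" ]; then fix_perms "$1"; fi
fi
```

Mode 644 still leaves a file readable by every other local account, which is the shared-server exposure described in post #42, so this check sits alongside the host-side fix and does not replace it.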