Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page Anyone know who "uykusuz001" are?
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-20-2009, 09:37 PM
Megatr0n Megatr0n is offline
 
Join Date: Jul 2007
Posts: 455
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Anyone know who "uykusuz001" are?
A few hours ago my site seemingly got hacked and all I could see was a page like this:

http://kcsl.ca/X-Portal/

Except it said:


XSS Exploit in vBuletin add-on


ONE TURK AGAINST THE WORLD


AND JUSTICE FOR ALL

If I tried to access any script on the forum or page it'd always take me back to the index.page. Once I uploaded a fresh new copy of the file, the issue was fixed and the site started loading again. It's funny because none of my files or the database wasn't deleted or damaged.

I asked the host and they said they scanned the site whole server and no malicious scripts or shall programs to speak of and did not noticed any breaching through FTP.

Any ideas?
Reply With Quote
  #2  
Old 02-20-2009, 09:49 PM
iyama iyama is offline
 
Join Date: Sep 2008
Posts: 327
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
here more stuff
http://www.google.nl/search?q=uykusuz001&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:nlfficial&client=firefo x-a
Reply With Quote
  #3  
Old 02-20-2009, 09:53 PM
Megatr0n Megatr0n is offline
 
Join Date: Jul 2007
Posts: 455
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks. I have already used Google and can't find much information on it. Just other sites which, have got hacked.
Reply With Quote
  #4  
Old 02-20-2009, 09:58 PM
iyama iyama is offline
 
Join Date: Sep 2008
Posts: 327
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Its a hacker what is hacking around for his fun. And it shows that it is possible to hack your site. Maybe he want you to protect your site the next time better.
Reply With Quote
  #5  
Old 02-20-2009, 10:01 PM
Megatr0n Megatr0n is offline
 
Join Date: Jul 2007
Posts: 455
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
That's just it nothing was hacked, I mean damaged of the sort. I didn't have to restore any sort of back-up or anything.

I was wondering if anyone here can shed some more light about who this guy(s) is/are.
Reply With Quote
  #6  
Old 02-20-2009, 11:07 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I think it was a more of a warning - he *could* have done more to your site since he obviously got access. I suggest you read this - How To Make My Forums More Secure - and also contact your host to see if they can help you figure out how they got access to your server.
Reply With Quote
  #7  
Old 02-21-2009, 12:47 AM
Megatr0n Megatr0n is offline
 
Join Date: Jul 2007
Posts: 455
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hi Lynne,

You could be right. I read though he also managed to hack United Nation's and Sony's site? :S

I've pretty much followed all those steps from that thread. The host think it's a script based hack but don't know which, one. They've now enabled enhanced logging so if it happens again they'll know. So, I guess we'll have to wait and see.
Reply With Quote
  #8  
Old 02-21-2009, 03:45 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
XSS Exploit in vBuletin add-on
This tells all, really.
Reply With Quote
  #9  
Old 02-21-2009, 06:05 AM
fattony69 fattony69 is offline
 
Join Date: Jun 2007
Location: Philly
Posts: 353
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Dismounted View Post
This tells all, really.
Not ALL. Which one is it?
Reply With Quote
  #10  
Old 02-21-2009, 08:02 AM
iyama iyama is offline
 
Join Date: Sep 2008
Posts: 327
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Maybe he toke the settings from you. Your host can see that
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 05:02 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08268 seconds
  • Memory Usage 2,241KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete