The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
My site was exploited/attacked
Okay, here is what I know right now and am learning more as I go. They uploaded a malicious file google.js which was sending people to a russian site. I currently run 3.7.2 Then they uploaded two different files directly into the customavatar folder ./customavatars/adm.php One of those was a program called adminer 2.3.1 Screen shot: They also uploaded another file that I'm not sure what it does... it was ./customavatars/setting.php This one only has a password. I have removed all files but would like help in knowing where the vulnerabilities are!! I have removed the ability for people to upload custom avatars for the time being because I assume that is how this happened. Thoughts? |
#2
|
||||
|
||||
It looks like a gumblar attack. Change all the passwords and then check the server space for any suspicious files. Then upgrade your forum to the lastest version, be that of the 3x series or 4.0.3. And as last but not least contact your host and let them know about it so they can check their logs as well and see how they got in (in the chance that it is not a gumblar atatck), so the security issues can be patched up.
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|