#1
05-28-2013, 05:17 AM
clauz
Join Date: Dec 2010
Posts: 81

Someone extracted all users' emails from vBulletin DB

Hello,
I have a vBulletin forum 4.2.1.
It is about Table Tennis.
Unfortunately, last week all our community members (about 5000 users) received emails from some guy who owns a Table Tennis Hall, regarding some Competition there...
He has an account on my forum and he registered there with the email responsible for the spam.
I think he hacked our database and extracted all users' emails so he can promote his business.
I must specify that the send mail function is disabled for all users in our forum.

What can I do?
#2
05-28-2013, 05:59 AM
ForceHSS
Join Date: Apr 2008
Posts: 6,357

Check server logs by getting in touch with your host if needed.
#3
05-28-2013, 06:21 AM
Big Al
Join Date: Nov 2011
Posts: 54

Send in an abuse report to the email service, as he is using it in violation of his signed agreement with them.

If, for example, it is johnsmith@yahoo.com, then send a copy of the spam email along with the headers to abuse@yahoo.com. Naturally use the name of the email account, if it is not yahoo.

Just put the word abuse in front of the name as above.
#4
05-28-2013, 06:49 AM
clauz
Join Date: Dec 2010
Posts: 81

I mean, is it possible for any user (no moderator or admin) to extract emails from the vBulletin DB? (last version)
Can we somehow secure the database?
#5
05-28-2013, 03:27 PM
Lynne
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180

The only way they could have done that is if they hacked your server, or an admin account, and were able to query the database.
#6
05-30-2013, 06:32 AM
clauz
Join Date: Dec 2010
Posts: 81

Quote:
Originally Posted by Lynne
The only way they could have done that is if they hacked your server, or an admin account, and were able to query the database.

I am the only admin, my password is very complicated, so nobody hacked my account.
Access to MySQL is possible only from localhost, as the hosting administrator confirmed to me.
#7
05-30-2013, 08:29 AM
ForceHSS
Join Date: Apr 2008
Posts: 6,357

Quote:
Originally Posted by clauz
I am the only admin, my password is very complicated, so nobody hacked my account.
Access to MySQL is possible only from localhost, as the hosting administrator confirmed to me.

Anything can be hacked no matter how secure you or your host makes it. Tell your host to check server logs.
#8
05-30-2013, 09:48 AM
clauz
Join Date: Dec 2010
Posts: 81

Quote:
Originally Posted by ForceHSS
Anything can be hacked no matter how secure you or your host makes it. Tell your host to check server logs

Unfortunately, as I learned shortly, the email list was "extracted" a years ago, but it was used for some advertising only this week.
So no more logs available. My question is how to secure the DB so this never happens again.
Or if someone has some knowledge about similar facts on vBulletin DB.
#9
05-30-2013, 09:54 AM
ForceHSS
Join Date: Apr 2008
Posts: 6,357

Quote:
Originally Posted by clauz
Unfortunately, as I learned shortly, the email list was "extracted" a years ago, but it was used for some advertising only this week.
So no more logs available. My question is how to secure the DB so this never happens again.
Or if someone has some knowledge about similar facts on vBulletin DB.

Talk to your host about making things more secure. You can secure your forums more; if you need help with this, PM me and I will be happy to help you for free.

Thanked by: Big Al
All times are GMT.