Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > Premium Archives > ibProArcade Archive
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Very old version of this plugin Details »»
Very old version of this plugin
Version: , by jesus likes pie jesus likes pie is offline
Developer Last Online: Jul 2013 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 07-20-2013 Last Update: Never Installs: 0
 
No support by the author.

Hi, I have an expired vBulletin license and am stuck at 3.8.2.

My forum has been compromised a few times in the past 5 months. Nothing has been defaced but its obviously still worrying. The first time this happened, all of my .js files were edited to include some extra iframe/call or something (can't quite recall).

The second time, I remember index.php and global.php were both edited to have some sort of strange code added at the very top (before the vB copyright comment). I assume it was some sort of shell (!!).

I've researched the release notes for vB 3.8.3 - 3.8.7 as well as the bugs in their tracker website (forgot the name). It seems to me that vB 3.8.2 is itself safe. There was some sort of scary exploit regarding the FAQ but it seems to have only been for 3.8.6 - so I should be safe.

This means the exploit has to be caused by some plugin. It seems I'm running a very old version of ibProArcade: 2.6.5. Is this likely the cause of my problems? Can someone PM me details of how an attacker can compromise my site with this version of the arcade? (If you look at my vb.org history hopefully you'll see that I'm not trying to phish details in order to exploit other forums!).

Finally, in order to fix this, is it enough to turn the Arcade "OFF" in the Main settings and then disable the product through the ACP Product Manager? Or should I remove the .php file(s) associated with it as well? (Is it only arcade.php?)

Thanks!

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:59 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03329 seconds
  • Memory Usage 2,187KB
  • Queries Executed 16 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete