The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#31
11-30-2016, 09:34 AM
|
|||
|
|||
Per the advice in this thread, I'm going to be deleting all plugins, fixing 4.2.0 and upgrading to 4.2.3 this morning; I am under the impression that a very likely culprit here is Yet Another Awards System, a plugin which, when I googled it, came back heavily associated with "SQL Injection."
It's a bit of a shame, though -- apparently we've used YAAS for many years to give badges and whatnot to members of the community. This is a shot in the dark, but does anyone know if those vulnerabilities have been patched by 4.2.3? Is there a good way to similarly overwrite the plugin's files without losing our data on who has what award and so forth? 
|
|
#32
11-30-2016, 10:24 AM
|
||||
|
||||
|
Quote:
Only the product developer could fix them.
|
|
#33
11-30-2016, 03:46 PM
|
|||
|
|||
|
Hi folks,
My upgrade from 4.2.0 to 4.2.3 seems to have stalled out at the very first step: Upgrading to 4.2.3 Status: Processing 4.2.1 Alpha 1, Step 1 of 6 The "upgrade progress" window is completely blank. It's been this way for about twenty minutes. I know that the whole process may take an hour, or hours, but the lack of any visible progress has me a little spooked. Should I be concerned that it's run out of memory or something? (It advised me before I started that there was a way I could do this from the command line if necessary, but not knowing whether or not it would be necessary, I elected to let the script try to process through the browser control panel as normal). Is there a way to cancel out, then retry from the command line? Thanks!
|
|
#34
11-30-2016, 06:15 PM
|
|||
|
|||
|
Check the error logs of your web-server or PHP in order to figure out what is causing it to stop.
Cause could vary; out of memory, webhost blocking you automatically because of too many connections to the server, SQL error, etc.
|
|
#35
12-01-2016, 08:16 AM
|
||||
|
||||
|
Quote:
|
|
#36
12-11-2016, 02:57 PM
|
|||
|
|||
|
Quote:
Here, I'll save you a whole messload of trouble- login to your server. Go to your MySql Database (the one for your vBulletin install). Click on search. Type %base64% click on SELECT ALL hit "Go". You will find a large number of base64 codes hidden, most likely within [img] tags from filestore. Remove those. If you have plugins that are using base64- you'd better run a decode and see precisely what they're using it for. Attachment 155535 If you look through your files and see picture_inline.php that file is Shell Script installed and is infecting your server/site. ( Picture_inlinemod.php IS legit)
|
|
#37
04-24-2018, 11:38 AM
|
|||
|
|||
|
Getting those redirects from a google search to the forum where I help admin, is there an absolute fix for this issue? We have vbulletin 4.2.5.
|
|
#38
04-24-2018, 12:58 PM
|
||||
|
||||
|
Quote:
https://www.vbulletin.com/forum/foru...lestore72-info https://clients.urljet.com/knowledge...e123-Hack.html https://clients.urljet.com/knowledge...version-2.html With filestore they can insert it many different ways, be sure to check for template edits and also rogue plugins (OR malicious code added at the bottom of a plugin). I've even seen some take the site into debug mode and add the infection to the Master Style before let's hope they didn't do that to you i.e. possibly some script-kiddie using a tutorial and hasn't a clue about things of this nature other than how to read top-to-bottom and clickity-click-click (lol).
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 08:39 PM.