The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
![]()
I don't know how big of a problem this is, but with spammers getting more desperate and aggresive every day, I'd be surpised if this doesn't start happening a whole lot more.
A forum I run (vb 2.x) just got nailed by a spammer who joined and ran a POST script to iterate through userids until they emailed every user on the forums who had email enabled (well over 1,000 ![]() I haven't put the hack in publishable form yet, but it's all available on request. |
#2
|
|||
|
|||
![]()
Ritsui, I experienced the same problem although not all members had recieved this email (I and a few moderators did though).
Could I please have a look at the hack? Thanks - Bane |
#3
|
|||
|
|||
![]()
It wasn't the site's fault, and the emails do get sent from the user who sent them so just report the person to their internet provider using their ip address. Hope that everything works out.
Regards, g-force2k2 |
#4
|
|||
|
|||
![]()
I contacted the user's ISP immediately, but I wouldn't expect any tangible results from that. I can't speak for others, but Roadrunner didn't give a damn about enforcing their own TOS. They said flat out that they only care if the spam itself originated from one of their address blocks.
As for the hack, please keep in mind this was written as a knee jerk only. I'm not a "vb hacker" and I won't warranty or promise to support anything. This works for me under 2.2.5 and should work under 2.3.3. Also... CHECK YOUR LOGS. In our case, the spam was definitely run from members.php, but there are many other places in vBulletin using mail(), so they should be looked at as well. |
![]() |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
![]() |
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|