Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 02-17-2008, 02:00 AM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mousegeek View Post
Well I got mine all fixed up and I put a bunch of sucerity stuff in there. But take a look at my friends vB:

http://vmkadventure.com

It has me and him stumped as to where to remove that garbage and make sure it wont happen again.
Looking at a site after it's been hacked doesn't do us any good.

We would still need that list of what add-ons & hacks are on the site(s) to give any ideas on where the problem might be.
Reply With Quote
  #12  
Old 02-17-2008, 02:42 AM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The 'garbage' was entered right around where the CSS link is normally - you may want to check the permissions in the clientscript folder). If you are going to troubleshoot it, you need to know what the templates *used* to look like, and what they currently look like. You also need to figure out exactly what the hackers had access to. You really haven't given much information at all for anybody to try to figure it out. I can tell that your friend has quite a few hacks because the source code on that page is not standard vb. He might want to go read the threads for all of them and see if this hacking comes up in any of them and also make sure that he is using the latest version of all those hacks because sometimes they are upgraded because of security issues that were found.
Reply With Quote
  #13  
Old 02-17-2008, 02:59 AM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KW802 View Post
Looking at a site after it's been hacked doesn't do us any good.

We would still need that list of what add-ons & hacks are on the site(s) to give any ideas on where the problem might be.
All right, here's all of the mods he has installed (so far)

vB Gallery
vB Blog
User Pages by Amy
Awards Showcase
vB Plaza (He don't use it but he has it installed on his site still)
vB BB Video Codeing (I forgot the name but I know it's a very big, big as in popular, addon)

Yea I know, he don't add many addons.






Lynne - Thank you very much for posting that information. I am right on it hoping to make sure that that resolves the problem!
Reply With Quote
  #14  
Old 02-17-2008, 03:49 AM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mousegeek View Post
All right, here's all of the mods he has installed (so far)

vB Gallery
...
Make sure that the site has either been upgraded to vBGallery 2.4.x or the security patches have been applied for the older versions. Within the past month a security exploit was found (see the PhotoPost.com support forums for details).
Reply With Quote
  #15  
Old 02-17-2008, 04:07 AM
DieselMinded's Avatar
DieselMinded DieselMinded is offline
 
Join Date: Mar 2007
Posts: 1,655
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

From Your Friends Site.......

T0uch3d l3y Bright D@Rk

Y0ur S1r Bright D@Rk
Where is The Security Dude?
It Seems Your Security doomed to Failure
Plz Dude Don't Talking Again About
Or Never Talking About
is
only 4 Elite People and U R not of Them
is Not
For Lamerz
Script Kids!!
So Plz Go Away and look for Such Useful
thing 2 Do
G00D LUCK And Make Sure You Make The
Security
The Highest Next Time
h4ck3r
CoM
Special Greetz : Dr.Hacker -
AsbMay - nO4HarD -
Mohandko - Sp1der NeT
eGyptGhosT - Lecopra - Dr.Dermann- rED Wolf - rED
Casper - Black Cod3 - Dr.Dell - CiTy Hack - Hack4Life
Cyber Terrorist
Mohajer
22 - Alk()Mand()z Hacker - BoOoDy - ToOoFa - MaStErZmInD - GoDa HaCKeR  - Mr.Max -
nOur IcE
Special
Greetz 4 H4ck 3Gy
Reply With Quote
  #16  
Old 02-17-2008, 02:38 PM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KW802 View Post
Make sure that the site has either been upgraded to vBGallery 2.4.x or the security patches have been applied for the older versions. Within the past month a security exploit was found (see the PhotoPost.com support forums for details).
Yes, he always keeps his mods updated. It even says here 2.4.1.

Quote:
Originally Posted by DiesellMinded View Post
From Your Friends Site.......


T0uch3d l3y Bright D@Rk

Y0ur S1r Bright D@Rk
Where is The Security Dude?
It Seems Your Security doomed to Failure
Plz Dude Don't Talking Again About
Or Never Talking About
is
only 4 Elite People and U R not of Them
is Not
For Lamerz
Script Kids!!
So Plz Go Away and look for Such Useful
thing 2 Do
G00D LUCK And Make Sure You Make The
Security
The Highest Next Time
h4ck3r
CoM
Special Greetz : Dr.Hacker -
AsbMay - nO4HarD -
Mohandko - Sp1der NeT
eGyptGhosT - Lecopra - Dr.Dermann- rED Wolf - rED
Casper - Black Cod3 - Dr.Dell - CiTy Hack - Hack4Life
Cyber Terrorist
Mohajer
22 - Alk()Mand()z Hacker - BoOoDy - ToOoFa - MaStErZmInD - GoDa HaCKeR  - Mr.Max -
nOur IcE
Special
Greetz 4 H4ck 3Gy
Yea, that's the hack note.
Reply With Quote
  #17  
Old 02-17-2008, 11:09 PM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mousegeek View Post
Yes, he always keeps his mods updated. It even says here 2.4.1.
It says where? Going to that link doesn't show a working forum.

Besides updating the software version, also ask him if he scanned his gallery files for any files that may have been uploaded prior to him upgrading to the current version. If a exploit file was uploaded prior to the version being upgraded and if that file was left out on his server then even though he may have upgraded the software his site is still open to being exploited.
Reply With Quote
  #18  
Old 02-18-2008, 01:29 AM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KW802 View Post
It says where? Going to that link doesn't show a working forum.

Besides updating the software version, also ask him if he scanned his gallery files for any files that may have been uploaded prior to him upgrading to the current version. If a exploit file was uploaded prior to the version being upgraded and if that file was left out on his server then even though he may have upgraded the software his site is still open to being exploited.
Yea, he said he scanned the files and he said that he just did it now. This is leaveing me clueless.

--------------- Added [DATE]1203387371[/DATE] at [TIME]1203387371[/TIME] ---------------

All right, I checked myself and it's not that client thing you were talking about lynee.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:02 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06675 seconds
  • Memory Usage 2,242KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (7)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete