The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#11
09-16-2008, 05:59 PM
|
||||
|
||||
There is a thread about this over on vb.com - http://www.vbulletin.com/forum/showt...ghlight=base64 It's from a modification you have installed, but the thread never says which modification it was.
|
|
#12
09-16-2008, 07:05 PM
|
|||
|
|||
|
Turn off "Allow HTML" in the forum manager as well as the bbcode and any other place you have it set to On.
|
|
#13
09-16-2008, 11:42 PM
|
|||
|
|||
|
Recently they change the permission of the ftp, and others things. But a found de phpShell that they insert me. Iwas called confi2.php in MODULES it was... i delete ir.. Even the antivirus told me that was a malicius code.... but how the hell they insert that..
|
|
#14
09-17-2008, 12:07 PM
|
|||
|
|||
|
With PHPShell, depending on the server configuration it can be very easy indeed to exploit your entire site. However for the hacker to have uploaded the PHPShell script in the first place requires a permission issue somewhere.
|
|
#17
09-18-2008, 11:09 AM
|
|||
|
|||
|
Thanks for the annswer. I delete the last mods, but i will have to check for vulnerabilitys of the rest. I have a Dude, when you reffer to CHMOD.... what they should be.... i mean, all reading, but the one that you upload things writing?
Thanks again
|
|
#19
09-18-2008, 11:34 AM
|
|||
|
|||
|
Even tho a directory/file is set to 777, it does not mean its vulnerable to hacking, 755 is fine for all directories to function correctly, files can be set to 644, 644 can cause issues sometimes when running apache/php as a cgi though when the ownership is set incorrectly.
|
|
#20
09-18-2008, 02:31 PM
|
||||
|
||||
|
Quote:
/customprofilepics /customavatars /signaturepics /clientscript/vbulletin_css And the folder where your attachments are located if they are in the filesystem. (I think that list is correct.)
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 05:38 AM.