The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
Your first post is very misleading. You claim " there were no addons at the time" and then go on to say "I am pretty sure now that he used a modification to gain access to my account even though he says he didnt so i have already removed most of them. Some of the are critical but i believe are safe."
Modifications are Add-Ons. |
#12
|
||||
|
||||
Quote:
|
#13
|
|||
|
|||
Quote:
He hacked with & without addons, i dont know what to think but the words 'vbulletin version 3.8.x' have been said more than once to me over the last 2 days. Quote:
So whats your advise MAD--DOG? You seem to know the score, what if anything can i do to prevent this? |
#14
|
||||
|
||||
Quote:
Also, I have not heard anything to say 3.8 is less secure than 3.7. But, I don't go reading up on this all the time either. I hate hackers. |
#15
|
|||
|
|||
Why do you hate hackers? Some of them are good and help software companies create a more secure product. I dont think these guys should be put into one basket, there are good and there are bad. Perhaps you just hate the bad ones
|
#16
|
||||
|
||||
Yes, I hate the bad ones.... especially ones that try to extort you to undo what they did.
|
#17
|
||||
|
||||
If the hacker has access to your vBulletin Forum's admin account and it's a Super Administrator account and/or has the permissions to 'manage' plugins; then yes, he can alter/create files on your server. Doesn't matter if you have 3'rd party addons installed or not.
So; Stock vBulletin or not, if he gets access to your admin account, theres nothing stopping him to create his own plugins from your account to run raw PHP code on the Forum. (unless of course that particular admin account doesn't have the permission to alter plugins). |
#18
|
|||
|
|||
Quote:
Thats what i thought and sounds like that is exactly what happened as i can see from the log that the first thing he did was something with plugins.. 17838 Python 18:04, 19th Apr 2009 plugin.php productedit 17837 Python 18:03, 19th Apr 2009 plugin.php product .. is there a way to find out which one was altered? |
#19
|
||||
|
||||
It may show in your access_logs. Each plugin has an id and when you go to edit it, it says the id in the url. So, like I said, look in your access_logs for something like "..../plugin.php?do=edit&pluginid=xx" to get the pluginid.
|
#20
|
||||
|
||||
Quote:
Code:
17838 Python 18:04, 19th Apr 2009 plugin.php productedit To OP: All the hacker used was just plugin edits ? Did you check with your webhost on which 'files' were altered/added to your hosting account in the past 1 week ? |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|