Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
Reload this Page How can Spammers abuse my apache sendmail?
FAQ Community Calendar Today's Posts Search

Reply
Page 2 of 2 1 2
 
Thread Tools Display Modes
  #11  
Old 09-17-2013, 06:37 PM
mefromspace mefromspace is offline
 
Join Date: Aug 2004
Posts: 33
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Zachery View Post
There is no such code in the default product.
You referring to me or? what code u referring to?

--------------- Added [DATE]1379446734[/DATE] at [TIME]1379446734[/TIME] ---------------

Quote:
Originally Posted by nhawk View Post
There are two places for each usergroup where email can be sent.

1) Can Use Email to a Friend
2) Can Email Members

Be sure both of those are turned off for these usergroups..

Unregistered/Not Logged In
Users Awaiting Email Confirmation
Users Awaiting Confirmation

and optionally..
Registered Users
Any other usergroups you want to turn it off for.
As per: https://vborg.vbsupport.ru/showpost....17&postcount=6

I already triple checked this
Reply With Quote
  #12  
Old 09-17-2013, 06:52 PM
nhawk nhawk is offline
 
Join Date: Jan 2011
Posts: 1,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I'm pretty sure Zachery was saying there is no code in register.php where email (or the code to send email) can be injected.

And personally I think the techs at your host are making a bad assumption. They are probably seeing a ton of these in your logs..

POST /register.php?do=checkdate
POST /register.php?do=addmember

That is not an injection taking place. That is a bot trying to gain access to your site by guessing at the human verification or whatever other verification scheme you're using.
Reply With Quote
  #13  
Old 09-17-2013, 08:56 PM
mefromspace mefromspace is offline
 
Join Date: Aug 2004
Posts: 33
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by nhawk View Post
I'm pretty sure Zachery was saying there is no code in register.php where email (or the code to send email) can be injected.

And personally I think the techs at your host are making a bad assumption. They are probably seeing a ton of these in your logs..

POST /register.php?do=checkdate
POST /register.php?do=addmember

That is not an injection taking place. That is a bot trying to gain access to your site by guessing at the human verification or whatever other verification scheme you're using.
ahhh gotcha now i understand what hes referring to

I submitted the server logs from the host and a ticket at vb so time will tell what they get back with of info.
Reply With Quote
Reply
Page 2 of 2 1 2

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 06:05 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06784 seconds
  • Memory Usage 2,184KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (3)post_thanks_box
  • (3)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit_info
  • (3)postbit
  • (3)postbit_onlinestatus
  • (3)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete