Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 11-07-2013, 10:33 AM
Bladed Bladed is offline
 
Join Date: Nov 2013
Posts: 54
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The error I listed is from the upgrade attempt. So i think the database is pretty much trash. I fear it has some (read as a lot of) bad code left from the hackers, and i don't know much about mysql to be able to fix that.

I think my best bet is to start from scratch, and properly set up vb so it is secure from the get go.
Reply With Quote
  #12  
Old 11-07-2013, 10:34 AM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Bladed View Post
OK, so basically because of the extent of this hack and malware, I really need to start from scratch, as this would be the most effective way of cleaning the site up.

I just took this forum over and from what I can tell this "backdoor" in has been there for quite a while. a good number of things like the admincp had not been secured against intrusion.
Most sites can be restored unless the database is corrupted or deleted. For most people starting over is really not a choice as the existing threads to a forum is everything.

If this is overwhelming for you, you might want to seek paid help to get you healthy and secured.
Reply With Quote
  #13  
Old 11-07-2013, 10:41 AM
Bladed Bladed is offline
 
Join Date: Nov 2013
Posts: 54
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well I can't afford "paid" help, so I have to fix it. Fortunately The forum was small and we've only had vb for a year or so. In the previous incarnation different bulletin board products had been used and had to been started over from scratch.

My users were told by the previous owner he was shutting it down for good, until I told him I'd take it over. I should have expected that the problems behind the curtain were greater than I had anticipated.
Reply With Quote
  #14  
Old 11-07-2013, 10:46 AM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Since so many boards were hacked recently there is a ton of information on vb.org to assist you. Resolving your issues is not that difficult, but you must be thorough. In your case just concentrate getting the board up and running and keep all plugins disabled. Make backups at every step if you can. Ask for help here when you do not know what you are doing. Do not miss steps when following the guidelines.

You do have my sympathy, you have a bit of work to do. This is not the fun part of running a forum.
Reply With Quote
  #15  
Old 11-07-2013, 10:50 AM
Bladed Bladed is offline
 
Join Date: Nov 2013
Posts: 54
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

WEll i posted on FB to a page that my main users are on asking them their opinion, whether or not to start from scratch or risk my missing a piece of potentially malicious code.

I ran the upgrade script again and still getting the same database error as in the op.

--------------- Added [DATE]1383825115[/DATE] at [TIME]1383825115[/TIME] ---------------

this is what I'm getting in my browser when I try to login to the admincp.


Warning: Function split() is deprecated in ..../includes/functions_login.php(204) : eval()'d code on line 10

Warning: Function split() is deprecated in ..../includes/functions_login.php(204) : eval()'d code on line 11
Unable to add cookies, header already sent.
File: /home/bonifer/public_html/includes/class_core.php
Line: 5755
Reply With Quote
  #16  
Old 11-07-2013, 10:54 AM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

As I said before, do not try to upgrade. Restore your backup and follow the guidelines I posted. All you will have if you try to upgrade is a corrupted forum, with no known state.
Reply With Quote
  #17  
Old 11-07-2013, 10:57 AM
Bladed Bladed is offline
 
Join Date: Nov 2013
Posts: 54
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The copy of the forum I have is of the hacked forum. I don't think a clean backup copy exists.
Reply With Quote
  #18  
Old 11-07-2013, 10:58 AM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Bladed View Post
WEll i posted on FB to a page that my main users are on asking them their opinion, whether or not to start from scratch or risk my missing a piece of potentially malicious code.

I ran the upgrade script again and still getting the same database error as in the op.

--------------- Added 07 Nov 2013 at 03:51 ---------------

this is what I'm getting in my browser when I try to login to the admincp.


Warning: Function split() is deprecated in ..../includes/functions_login.php(204) : eval()'d code on line 10

Warning: Function split() is deprecated in ..../includes/functions_login.php(204) : eval()'d code on line 11
Unable to add cookies, header already sent.
File: /home/bonifer/public_html/includes/class_core.php
Line: 5755
Those errors are caused by plugins/mods that need to be upgraded or patched for v4.2.2. There are quite a few differences between v4.2.1 and v4.2.2 and it will definitely complicate you restoring your board.

What version of vBulletin are you running before you upgraded? What version of PHP?
Reply With Quote
  #19  
Old 11-07-2013, 11:01 AM
Bladed Bladed is offline
 
Join Date: Nov 2013
Posts: 54
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

4.2.1 patch level 3
And all the pluguns have been removed

--------------- Added [DATE]1383826071[/DATE] at [TIME]1383826071[/TIME] ---------------

Thinking about it I'm betting it's one of the login mods the previous owner had installed being referenced by the database.
Reply With Quote
  #20  
Old 11-07-2013, 11:10 AM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

They may have been removed, but they are currently not disabled. Disable your hooks from "includes/config.php." That error you are receiving is from hook
"login_verify_failure_username".

If we are still talking about the upgrade process. The php command 'split' would not be used in v4.2.2. under php5.4 (at least it should not be) except in an old plugin/mod.

It is possible that it is still stored in the datastore. In that case make sure you turn on debug mode in the "includes/config.php" file also.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:28 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04572 seconds
  • Memory Usage 2,251KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete