  #21  
Old 05-21-2007, 02:53 PM
dadu911 dadu911 is offline
 
Join Date: Apr 2005
Posts: 19
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Yeah Shazz, what proof do you want? Screenshots of another person logged in as me, the admin?

Site being exploited 3, 4 times. It is not a system issue, it is vB; the hacker is even playing games with me, he has many sites' databases. He exploits them, logs in as admin, he gains access to admincp and creates his backup, he has many ways.

I fully upgraded to 3.6.7 PL1, changed all my passwords. Poof, he does it again.

I was right about 3.6.6. Also check the first post here; I discovered the hole in calendar. 'Cause he hacked that too.
Reply With Quote
  #22  
Old 05-21-2007, 03:33 PM
Dem3ntedSn1per Dem3ntedSn1per is offline
 
Join Date: May 2007
Posts: 6
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Quote:
Originally Posted by dadu911 View Post
Yeah Shazz, what proof do you want? Screenshots of another person logged in as me, the admin?

Site being exploited 3, 4 times. It is not a system issue, it is vB; the hacker is even playing games with me, he has many sites' databases. He exploits them, logs in as admin, he gains access to admincp and creates his backup, he has many ways.

I fully upgraded to 3.6.7 PL1, changed all my passwords. Poof, he does it again.

I was right about 3.6.6. Also check the first post here; I discovered the hole in calendar. 'Cause he hacked that too.

Not to seem rude, as I am new to vB. But...I've been running sites for a while now and work for a software developer that produces web based applications, so I'm not a complete novice when it comes to things like site security. There is no forum software that is 100% hacker proof, but you seem to care more about trashing vB than you do about actually helping the community protect itself from a potential exploit.

vB has a nice sticky post in their quick tips and customization section called "How To Make My Forums More Secure". If he's continuing to get into your admin cp, there's something going on. Maybe you haven't taken proper steps to secure it or maybe you have a key logger on your own computer and keep inadvertently giving your passwords to him.

Since you single-handedly identified the calendar exploit before anyone else, maybe you can present evidence of the hole in 3.6.7 PL1 that is causing your site to get hacked instead of just ranting that there's a new, unidentified exploit.
Reply With Quote
  #23  
Old 05-21-2007, 09:21 PM
JamieLee2k JamieLee2k is offline
 
Join Date: Sep 2006
Posts: 273
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Why not change where the admincp folder lies and then just edit the config.php?
If you have issues and know how they are getting in, then get the log files from the FTP and let vBulletin know.
Reply With Quote
  #24  
Old 05-21-2007, 09:51 PM
theFAILURE theFAILURE is offline
 
Join Date: Jan 2005
Posts: 141
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Sounds more like you got keylogged than exploited.
Reply With Quote
  #25  
Old 05-21-2007, 10:58 PM
DaReD3ViL DaReD3ViL is offline
 
Join Date: Mar 2006
Posts: 13
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

This was most likely an XSS exploit.
Reply With Quote
  #26  
Old 05-22-2007, 01:41 AM
SCRIPT3R SCRIPT3R is offline
 
Join Date: Jan 2005
Posts: 1,303
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Smells like B.S. to me.
Reply With Quote
  #27  
Old 05-22-2007, 01:51 AM
smacklan smacklan is offline
 
Join Date: Mar 2005
Posts: 497
Thanks given: 0 times
Thanked: 0 times in 0 posts
Default

Ever heard of .htaccess protection on your directories?
Reply With Quote
All times are GMT. The time now is 07:51 AM.

