The Archive of Official vBulletin Modifications Site. It is not a VB3 engine, just a parsed copy!
#21
Don't worry - Chen has shown me and there is nothing to worry about. Your boards are secure.
#22
thanks james. i came to the same conclusion. after discussing with ptbyjason for over 5hrs (reinstated him as admin, upgraded to 222, secured the folder admin) we tried to track down every event the hacker did. the only flaw we saw was this:
a hacker admin can delete the logs and change his identity in admin panel. is there a way that VB could save all this info to a log file that cannot be 'cleaned'? in this way in the event a board is hacked, the info can be retrieved, IP, etc. let me know please.
#23
You can protect the admin log and only allow certain admins, or none at all, to prune it. This is done from config.php.
#24
i understand firefly. i was referring to the event a hacker could somehow gain access to your root.
#25
for some reason, i still believe this was done from outside, not on the root. ptbyjason told me that all the hacker did was to show his hidden forums and delete the admin accounts and reinstate himself as admin. apparently, ptbyjason's site is very successful, he had his provider called and requested to have his site down by his competition. his site is:
http://www.anabolicreview.com
if the hacker had access to the root, he would delete all site, is simpler and more efficient. what do you think?
#26
It's quite unlikely it was done from the outside, unless an older version of vBulletin was being used. The hacker may have had a reason to only do certain things rather than trash the whole forum...but we certainly don't know of any security risks with the latest vBulletin.
One way to find out would be to look at the apache server logs to see if any vb scripts were exploited to gain access...it's not a sure-fire way of telling but if it was done from the outside it was likely to be through that. Also make sure that only scripts running on the local server can access MySQL...that's a huge security risk if that isn't the case. Check that out with the host to make sure that couldn't have been what happened.
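
The Apache log check suggested in the post above, as an added example (not code from the thread or from vBulletin): it groups requests to the admin folder that come from addresses other than the known admins. The `/forum/admin/` prefix, the known-admin address set, the script names and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from collections import defaultdict
from urllib.parse import unquote

# Apache common/combined log: host ident user [time] "METHOD path proto" status size
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+')

ADMIN_PREFIX = "/forum/admin/"      # assumption: location of the admin folder
KNOWN_ADMIN_IPS = {"203.0.113.10"}  # assumption: addresses the real admins use

def triage(lines, admin_prefix=ADMIN_PREFIX, known_ips=KNOWN_ADMIN_IPS):
    """Return (hits, skipped): admin-area requests per unknown IP, unparsed line count."""
    hits, skipped = defaultdict(list), 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            skipped += 1
            continue
        # Decode %xx and collapse ./ and ../ so disguised paths still match.
        path = posixpath.normpath(unquote(m["path"].split("?", 1)[0]))
        if (path + "/").startswith(admin_prefix) and m["ip"] not in known_ips:
            hits[m["ip"]].append((m["time"], m["method"], path, int(m["status"])))
    return dict(hits), skipped

def summarize(hits):
    """Rank IPs by successful (status < 400) POSTs to admin scripts, then by volume."""
    rows = []
    for ip, events in hits.items():
        ok_posts = sum(1 for _, meth, _, st in events if meth == "POST" and st < 400)
        rows.append((ip, ok_posts, len(events)))
    return sorted(rows, key=lambda r: (-r[1], -r[2], r[0]))

# Constructed sample lines (not from the thread); script names are placeholders.
SAMPLE = [
    '203.0.113.10 - - [12/Mar/2002:10:01:00 +0000] "POST /forum/admin/index.php HTTP/1.0" 200 512',
    '198.51.100.7 - - [12/Mar/2002:03:14:09 +0000] "GET /forum/admin/index.php HTTP/1.0" 200 2048',
    '198.51.100.7 - - [12/Mar/2002:03:15:40 +0000] "POST /forum/admin/user.php HTTP/1.0" 200 900',
    '198.51.100.7 - - [12/Mar/2002:03:16:02 +0000] "POST /forum/%61dmin/user.php?s= HTTP/1.0" 302 0',
    '192.0.2.44 - - [12/Mar/2002:04:00:00 +0000] "GET /forum/admin/ HTTP/1.0" 401 0',
    '192.0.2.44 - - [12/Mar/2002:04:00:05 +0000] "GET /forum/index.php HTTP/1.0" 200 9000',
    'garbage line',
]

if __name__ == "__main__":
    hits, skipped = triage(SAMPLE)
    for ip, ok_posts, total in summarize(hits):
        print(f"{ip}: {ok_posts} successful admin POSTs, {total} admin requests")
```
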
#27
ptbyjason had 2.03 installed. i got him upgraded to 222. he downloaded himself the latest version from vb.com members area.
do you know if he opened a support ticket for this matter?
#28
Quote:
If I add this on top of my config.php the only thing that happens is that it is shown in the header. And this error will be shown:
Code:
if(!strstr("$_SERVER[PATH_TRANSLATED]", "$_SERVER[DOCUMENT_ROOT]")) { die(); }
Warning: Cannot add header information - headers already sent by (output started at /home/www/*****/forum/admin/config.php:5) in /home/www/*****/forum/admin/functions.php on line 1603
#29
this presumes you're running php 4.1.0 or greater
you'll need to use $HTTP_SERVER_VARS instead of $_SERVER
#30
em one question you're adding this below the <? tags right?