Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #41  
Old 09-10-2015, 07:53 PM
X-or X-or is offline
 
Join Date: Nov 2005
Posts: 201
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

:facepalm:
  #42  
Old 09-10-2015, 08:02 PM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Okay so let's just sum up the ways how this could of happened:
- Someone got root access on the shared server and decided to mess up a bunch of sites.
- Someone found a malicious vBulletin plugin (or a backdoored plugin) and abused this to gain access to execute commands.
- OP had his FTP/CPanel information stolen somehow. (Which is not likely unless OP has a virus/malware.)

Also even if they had access to the database information, they can't do anything with it unless: the host has a public listening MySQL server, a public reachable PHPMyAdmin installation or if they had access to creating PHP files.

Were the access logs checked by the way?

Regardless, my advice is to move host asap.
Once you lose trust in your host, you should save yourself the trouble and move.
4 благодарности(ей) от:
Elite_360_, HM666, puertoblack2003, TheLastSuperman
  #43  
Old 09-10-2015, 08:55 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

^ I've reviewed his reviews on exploits and other via his blog so head his advice, Dave actually knows his stuff. The rest of you geesh, argue your rears off within reason .
Благодарность от:
ozzy47
  #44  
Old 09-10-2015, 09:00 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

That would be a good call, Dave does know his security stuff.
  #45  
Old 09-20-2015, 11:46 AM
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Posts: 90
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't really care about your advice although I appreciate your time to chip in.

It came before: the product, vBulletin has to be a product serviceable by a user. Not by the boffins.

That is why I bought it. But appears not to be the case.

The trivialities recommended here are laughable, all the advice. Furthermore, so called "Experts" advocating open text paswords, is it not a degeneration of the humanity?

Anyone off the street could tell you open text password is a stupidity, still, here, VB coders and developers are scolding me for sayin just that.

BTW, my humble site is working well, after I have reinstalled it and not listened to anything said in this tread.

Until someone is pleased to hack it.
  #46  
Old 09-20-2015, 12:24 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you don't want people's advice, then why post? You seem to know it all, so no need to waste people's time replying to you when you tell them you don't care about the advice given.
Благодарность от:
HM666
  #47  
Old 09-20-2015, 12:24 PM
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Location: CT - Down in a hole..
Posts: 3,057
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I guess you know better than all of us who have been using it for years. Good luck.
Благодарность от:
ozzy47
  #48  
Old 09-20-2015, 01:02 PM
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Posts: 90
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by RichieBoy67 View Post
I guess you know better than all of us who have been using it for years. Good luck.
Not really.
But I bought a product that goes a victim to anyone who wants to hack it.
Just when they want.

Then I need someone (outside of vB) to help me. That is not a product, that is rubbish.

Still talking VB4. Not VB 5.
  #49  
Old 09-20-2015, 01:03 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If that was the case, every vB site in the web would be hacked, not just yours.
  #50  
Old 09-20-2015, 01:18 PM
loua_oz loua_oz is offline
 
Join Date: Dec 2010
Posts: 90
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

And they are, the world over, every day.

Those who don't know what to say, retreat to Database injections.

Really, how could that happen? It might, but the database is not vBs property, neither mine on the my site provider.
Is it a mystery that covers up blatant security holes within the vB? Like by vB coders and developers much loved open for all plain data base password?

What they might not know, entering the SQL code of the providers' database would affect not only one site. That could have happened to me and I don't know about others.
Hence your advice (if you have guts, go back and read them) were useless.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:47 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08476 seconds
  • Memory Usage 2,278KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (10)post_thanks_box
  • (7)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete