The Arcive of Official vBulletin Modifications Site.

Some idiot screwing with me. · **Released**: 02-26-2008

My forum has been constantly turning on and off..... so now i receive this email

Code:

Alright f**ker..

Here's the deal. You don't want your site going down anymore? You're going to have to do 1 thing.

Give me access to your cPanel for the day. And tomorrow I'll remove my account that has all admin rights. Deal?

How I've been doing it.. hehe.. well, I have a hidden account on your database that has all admin rights. All I want to do is get in your cPanel to copy your database and I'll be on my way.

The way this works is.. you have a lot of users. You'll never find me in the 200,000something users you have. So.. therefore, you need me to give you the account I have so you can delete it. NOW.. replacing your database will not work. For I have a program on my desktop that gives me admin access to any vbulletin forum I want. You want your site safe? Well.. give me your cPanel and we'll call it even. You can change your cPanel password tomorrow.

He keeps turning it on and off how can i put an end to this!!

volitian · #52 03-09-2008, 05:02 PM

Quote:

Originally Posted by indie2industry

gotcha

my apologys

Although Im sure we all agree with you on moral grounds alone, I guess the Boss has an obligation to "Inform you"

I've learnt alot from this thread, makes me think about security more to say the least

All The Guys @ Volitian.

PET · #53 03-17-2008, 10:46 AM

By the way. You know what would be cool? Just set up a "Custom PHP script" that will take the guy's IP. Just give the kid the link, and a face user/pass, end when he logins you will also get his IP, and you will also... scare him if you put some FBI page there

Cars2007 · #54 03-19-2008, 11:33 PM

If you have photopost, photopost classifieds, or reviewpost, there is an exploit that was published a couple months ago. You should have an email from photopost.com telling you how to patch older versions. The exploit can be used to upload .php files to the web server by tricking photopost into thinking the file is legit.

Shawn Yue · #55 03-20-2008, 02:58 AM

Quote:

Originally Posted by fordsho

My forum has been constantly turning on and off..... so now i receive this email

Code:

Alright f**ker..

Here's the deal. You don't want your site going down anymore? You're going to have to do 1 thing.

Give me access to your cPanel for the day. And tomorrow I'll remove my account that has all admin rights. Deal?

How I've been doing it.. hehe.. well, I have a hidden account on your database that has all admin rights. All I want to do is get in your cPanel to copy your database and I'll be on my way.

The way this works is.. you have a lot of users. You'll never find me in the 200,000something users you have. So.. therefore, you need me to give you the account I have so you can delete it. NOW.. replacing your database will not work. For I have a program on my desktop that gives me admin access to any vbulletin forum I want. You want your site safe? Well.. give me your cPanel and we'll call it even. You can change your cPanel password tomorrow.

He keeps turning it on and off how can i put an end to this!!

Please Do Not Use Bad Word In Here

And Contact Your Host For Help I Am Sure They Will Help You

veenuisthebest · #56 03-20-2008, 01:41 PM

Hi all,

First of all I'M a total newbie....joined a week back. Below is what I think about this discussion, its just my sweet little brainy thought over it..lol

i just went through the whole discussion, got to learn a lot..
But, I'd like to know something from the masters here !!

The person above "fordsho" describes his problem, he says that he has around 200000 members on his board. But did anyone noticed his Join Date and Post Counts ??

how can he ever have 200000 members in 3 months ??

If in any case, he's true then he must be using a nulled version of vBulletin since years that already contained some malicious program within itself that allowed the hacker to screw the board up OR he himself got lucky enough to get hands on the database of some big board (God knows how).

Please do reply to this and correct me if i'm going wrongg..

Thank You

Yours · #57 03-20-2008, 04:25 PM

Sounds like he gained access to an admin account and gave himself admin permissions. All you really have to do is go in and remove his admin rights, make every admin change their passwords and do scans on their computers. It would also be a good idea to change all of the site's passwords for cPanel, etc.

indie2industry · #58 03-20-2008, 10:13 PM

just getting back to this thread... I'm sorry.

I forgot to ask. Do you have any mods & add-ons you didn't get from here? he may have scripted himself access also.

Has he sent you an e-mail??? If so, he's TOAST!!! DON'T USE OUTLOOK!!
Go to www.mail2web.com

Login: yourname@yourdomain.com
password: your password

retrieve his message. In the bottom/left corner of the e-mail(s) it'll show his IP address.
FIRST, log into your server and block it from there.
THEN, go to your vbullletin admin cp, go to Banning Options, and ban the IP from there also. But DON'T BAN HIS E-MAIL!! If he contacts you again, you want to know from where so you can also block that IP.

This may also help.
https://vborg.vbsupport.ru/showthrea...ighlight=proxy

--------------- Added [DATE]1206062226[/DATE] at [TIME]1206062226[/TIME] ---------------

Quote:

Originally Posted by PET

By the way. You know what would be cool? Just set up a "Custom PHP script" that will take the guy's IP. Just give the kid the link, and a face user/pass, end when he logins you will also get his IP, and you will also... scare him if you put some FBI page there

Kimmi · #59 03-21-2008, 12:57 AM

Quote:

Originally Posted by veenuisthebest

Hi all,

First of all I'M a total newbie....joined a week back. Below is what I think about this discussion, its just my sweet little brainy thought over it..lol

i just went through the whole discussion, got to learn a lot..
But, I'd like to know something from the masters here !!

The person above "fordsho" describes his problem, he says that he has around 200000 members on his board. But did anyone noticed his Join Date and Post Counts ??

how can he ever have 200000 members in 3 months ??

If in any case, he's true then he must be using a nulled version of vBulletin since years that already contained some malicious program within itself that allowed the hacker to screw the board up OR he himself got lucky enough to get hands on the database of some big board (God knows how).

Please do reply to this and correct me if i'm going wrongg..

Thank You

He couldve had a different type of forum and switched to VB using the impex to transfer his other board.
and if had a nulled the staff would said something when he replied

G0F0RBR0KE · #60 03-21-2008, 07:20 PM

Quote:

Originally Posted by Kimmi

He couldve had a different type of forum and switched to VB using the impex to transfer his other board.
and if had a nulled the staff would said something when he replied

On top of that. He wouldn't be able to post in the 'Big Board Discussions' since it's only for license uses.

Deepdog009 · #61 03-21-2008, 09:07 PM

These links may assist U...> http://www.surprisechat.com/boards/v...d.php?tid=2458

http://www.emailabuse.org/

# Update your operating system with the latest patches.
# Keep your antivirus program up-to-date.
# Install a personal firewall.
# Periodically sweep for Trojan horses running on your PC.
# Use htaccess and allow only auth. ips access to control panel.
# Implement more security tracking software to view logs and vital areas of domain.

Good Luck

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05261 seconds Memory Usage 2,316KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (2)bbcode_code (5)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (11)post_thanks_box (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (11)post_thanks_postbit_info (10)postbit (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!