Go Back   vb.org Archive > Community Central > vBulletin.org Site Feedback
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #71  
Old 02-03-2013, 10:35 PM
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Location: Manchester
Posts: 3,481
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by BigAl205 View Post
I meant to ask how non-members are getting to the members list. I'm assuming that a member is aggregating the list. Is there any way to pull up members within the offending IP range and verify their intent or restrict their permissions?
Nope!, here memberlist.php is available to guests!
  #72  
Old 02-03-2013, 10:55 PM
BigAl205's Avatar
BigAl205 BigAl205 is offline
 
Join Date: Oct 2010
Location: Hayden,AL
Posts: 69
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Oh, OK...seems like hiding the member list to the public would be a nice first step.
  #73  
Old 02-03-2013, 11:42 PM
Chickenpotpie Chickenpotpie is offline
 
Join Date: Feb 2010
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok So I see I'm not the only one. I got 78 messages about being locked out. I agree its annoying as hell.
  #74  
Old 02-04-2013, 11:53 AM
chaser.nl chaser.nl is offline
 
Join Date: Apr 2008
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

got the same thing yesterday, looks like it started again.. annoying but i use a save password
  #75  
Old 02-04-2013, 01:22 PM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by BigAl205 View Post
Oh, OK...seems like hiding the member list to the public would be a nice first step.
Would be futile... The entire site is open to the public to read (posts) - You could skim usernames by simply browsing threads and capturing the usernames- it would be nothing to build the same list assuming you ever made a post.
  #76  
Old 02-04-2013, 01:29 PM
Antonio Pereira Antonio Pereira is offline
 
Join Date: Sep 2007
Posts: 104
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Same Problem here:

Quote:
Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
134.181.130.86
81.169.135.82
202.228.204.224
207.158.26.16
103.246.145.184
177.70.8.162
195.69.191.204
125.216.144.199

If the people enter here the IPs ,maybe you can ban in the firewall server.
  #77  
Old 02-04-2013, 09:10 PM
moreno moreno is offline
 
Join Date: Feb 2007
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Same here, brute force from following IPs:
180.244.193.110
218.107.193.59
186.90.153.5
77.37.168.32
109.185.118.156
202.51.226.140
218.28.254.242
141.170.239.132
212.175.88.3
124.240.187.81
202.46.85.107
190.207.185.188
112.133.201.70
203.223.47.206
78.38.30.146
91.232.102.134

Blocking IPs will not help, you should set locking accounts based on username attempts, not IPs.
  #78  
Old 02-05-2013, 01:24 AM
Azucar Azucar is offline
 
Join Date: Dec 2008
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by BigAl205 View Post
Oh, OK...seems like hiding the member list to the public would be a nice first step.
Ditto.

Got 12 emails myself. These are the IPs:

112.133.201.70
190.207.185.188
182.48.107.219
59.60.7.146
91.98.128.97
180.244.193.110
124.160.104.132
80.250.35.180
124.240.187.81
183.61.244.47
218.107.193.59
124.129.30.74
  #79  
Old 02-05-2013, 01:37 AM
b6gm6n's Avatar
b6gm6n b6gm6n is offline
 
Join Date: Aug 2002
Location: UK
Posts: 691
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I got the same, I thought I'd come here to find this thread...

It seems to me that some one/group has been sold a database of 'older' user names & password combinations for various sites/forums etc... most likely gleaned some years ago due to past hacks, key-loggers, infected email accounts and probably a raft of other exploits which all exact the same purpose... to ultimately fund organized crime through spamming which results in revenue generation sadly, they just don't want to sell you sex-aids and cheap trainers and then live a life of access themselves... there's a reason to the madness, it's prevalent and widespread and it's organized, racketeering bodies are sold on databases of such information over and over, year in year out.. the older they get the more useless they become (and cheaper to the gangs) so they take the data and do a sweep to see what falls... any monies made go's back to the source, in years past it was drug trafficking and such & such.. today the internet and such data the public pass through their keyboards is used both commercially by the sites themselves and illegally by criminals if they can get at it... you've all heard of the high-profile attacks on 'steam' accounts for example... well guess what happens to all those accounts? yup that's it... sold on and used not right away but some years later... they'll be due to pop-up soon... i think this round of attacks shows that either the vb.org database was compromised some years back and no-one told you about it... or it's just a collection for username/password combos from an older collection of data... so all of us in this thread is on some kind of older database being sold on to gullible new gangs in the hope of making some illicit funds, i bet it wasn't just vb that was hit recently...

oh and twitter was hacked, apparently... tell you what, that's old data again... old account longs since setup lost to a gang, ripe for spamming and making some money from... all go's back to the same people... Kim Dotcom or whatever he calls himself these days made a million or 20 out of hosting ripped off content... he didn't make that kinda money selling space to students making maps for games or for people to hold their music files online... no, it was rife piracy... he still has lots on the boil... they hack the sites, share the content amount the higher echelons of their content-mules then dish it out multiple times across many forums... all going back to a pay download option...

anyhew if you have an older account... bet you had a little bit-tickle recently... silly sods.
Благодарность от:
mykkal
  #80  
Old 02-05-2013, 06:19 AM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sorry, that's pretty much nonsense and backed up by nothing, just silly speculation. You don't need a database to do such a brute force attempt, you just harvest usernames either from the userlist or the posts and throw those usernames at the login form.
Благодарность от:
Amaury
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:59 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.10663 seconds
  • Memory Usage 2,260KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (10)post_thanks_box
  • (2)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (2)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete