Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #71  
Old 11-16-2013, 11:35 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Posts edited or removed.

I will repeat one more time, this thread is not for made up nonsense.

Stick to facts, dont go making things up.
  #72  
Old 11-16-2013, 11:38 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Chris8 View Post
So... can someone explain how exactly they hacked vb.com. Can we have some more detailed answers?
In post number 3 of this thread you will find a link to a facebook posting where a "hacking" claim is made. Images in that link send you to dummied up screenshots that could be anything.
  #73  
Old 11-17-2013, 12:28 AM
hugh_ hugh_ is offline
 
Join Date: Mar 2005
Location: Netherlands
Posts: 368
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M View Post
Not really sure what financial information you mean.

All the log files that were examined do not show any attemped access of customer data in the support system, they basically targeted the vb user table.
Was this an SQL injection and not a hack or vulnerability?
  #74  
Old 11-17-2013, 12:56 AM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
There isn't one shred of proof of that and it's not even a claim the illiterate script kiddies with their dummied up screenshot and their "patch for sale" are even making.
The screen shots the script kiddie provided show the VB.org database in the list.
  #75  
Old 11-17-2013, 01:00 AM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by motorhaven View Post
The screen shots the script kiddie provided show the VB.org database in the list.
I never saw that... I saw dummied up screenshots I could make for ya, to show anything I wanted you to see.

There was nothing at all about vB dot org in any of it.
  #76  
Old 11-17-2013, 01:01 AM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M View Post
Posts edited or removed.

I will repeat one more time, this thread is not for made up nonsense.

Stick to facts, dont go making things up.
Which one is a fact? A single server was hacked as you claim, or servers as the notice from VBulletin claims? Just curious, since my post about others being wrong was considered enough nonsense to remove, but not those calling me paranoid, a conspiracy nut, or any of the others slamming me. Hardly seems impartial.
  #77  
Old 11-17-2013, 01:03 AM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by motorhaven View Post
Which one is a fact? A single server was hacked as you claim, or servers as the notice from VBulletin claims? Just curious, since my post about others being wrong was considered enough nonsense to remove, but not those calling me paranoid, a conspiracy nut, or any of the others slamming me. Hardly seems impartial.
Post #70 was edited by Paul, a post of mine was deleted....

You never answered my questions. Have you bought their "patch?" If not, why are you promoting it?
  #78  
Old 11-17-2013, 01:14 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by hugh_ View Post
Was this an SQL injection and not a hack or vulnerability?
They broke into an old stage server, mainly used by QA for test installs of vB4 & vB5.
Its not know exactly how, but at one point there were in the region of 100 old installs on it, so anyone of them could have been used.

The best guess from evidence is that they hacked it sometime in late summer, and at some point between then and early October they uploaded adminer.
They then appear to have cracked a mysql user password for the Live DB server, and used it (via adminer) to read the vb.com and vb.org user tables.

After that it appears they moved on (they deleted adminer). Nothing was known about this until their facebook post the other day.
  #79  
Old 11-17-2013, 01:16 AM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
I never saw that... I saw dummied up screenshots I could make for ya, to show anything I wanted you to see.

There was nothing at all about vB dot org in any of it.
VBulletin has acknowledged in the email they sent that systemS were hacked. In light of this this admission by VB the cracker's screenshot have credibility. Apparently credible enough for VBulletin.ORG to require everyone to change their password when logging in.
  #80  
Old 11-17-2013, 01:25 AM
hugh_ hugh_ is offline
 
Join Date: Mar 2005
Location: Netherlands
Posts: 368
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M View Post
They broke into an old stage server, mainly used by QA for test installs of vB4 & vB5.
Its not know exactly how, but at one point there were in the region of 100 old installs on it, so anyone of them could have been used.

The best guess from evidence is that they hacked it sometime in late summer, and at some point between then and early October they uploaded adminer.
They then appear to have cracked a mysql user password for the Live DB server, and used it (via adminer) to read the vb.com and vb.org user tables.

After that it appears they moved on (they deleted adminer). Nothing was known about this until their facebook post the other day.
Thanks for the clarification Paul.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:55 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05348 seconds
  • Memory Usage 2,278KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (9)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete