  #1  
Old 06-20-2006, 02:39 AM
Andromeda2875
Join Date: Jun 2006
Posts: 62
VB really this terrible????? Can it Be

I am very upset. I run a forum with 7 thousand members and 240K posts. I am getting hacked every day now. Is this really how crappy vBulletin is? I mean, you can not fix security holes in the software. Very unhappy. I may have to go to IPB. Terribly disappointing.
  #2  
Old 06-20-2006, 02:55 AM
Adrian Schneider
Join Date: Jul 2004
Posts: 2,528

There are many ways of your board being 'hacked' that have nothing to do with security holes. Which version are you running?
  #3  
Old 06-20-2006, 02:57 AM
ConqSoft
Join Date: Jul 2003
Location: Raleigh, NC
Posts: 686

I'd be looking into server security if you're having that much of a problem.
  #4  
Old 06-20-2006, 02:59 AM
Damian
Join Date: Jan 2005
Location: Kentucky
Posts: 119

Are you looking for assistance, or just making a comment?
  #5  
Old 06-20-2006, 03:04 AM
Paul M
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748

Assuming that you are running 3.5.4 (which the site in your sig is), then you really need to look elsewhere on your server. There are no known 'holes' in that version, but there are lots of other ways to break into a server.
  #6  
Old 06-20-2006, 03:22 AM
Andromeda2875
Join Date: Jun 2006
Posts: 62

Quote:
Originally Posted by SirAdrian
There are many ways of your board being 'hacked' that have nothing to do with security holes. Which version are you running?

I am running 3.5.4. Someone keeps logging in under one of my Super Mod accounts, changing himself to admin and moving every single post to the trash section of my board. No one is getting into the server. They are using this, how I do not know, but they are:

17116 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27
17115 N/A 14:08, 19th Jun 2006 css.php update style id = 1 206.149.148.27
17114 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27
17113 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27
17112 N/A 14:08, 19th Jun 2006 css.php update style id = 4 206.149.148.27
17111 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27
17110 N/A 14:07, 19th Jun 2006 css.php edit style id = 3 206.149.148.27
17109 N/A 14:07, 19th Jun 2006 css.php update style id = 3 206.149.148.27
17108 N/A 14:06, 19th Jun 2006 css.php edit style id = 3 206.149.148.27
17107 N/A 14:06, 19th Jun 2006 template.php modify 206.149.148.27



If you see, this is from the control panel. There is no name given and this is what they do and then they have access to everything. Somehow they are taking that SuperMod and making it say admin under it and moving everything.

This is what they do after they log in and change the password to the SuperMod and make him admin:

17106 13:28, 19th Jun 2006 thread.php dothreadsall 83.149.72.74
17105 13:28, 19th Jun 2006 thread.php dothreads 83.149.72.74
17104 13:27, 19th Jun 2006 thread.php move 83.149.72.74
17103 13:27, 19th Jun 2006 moderate.php posts 83.149.72.74
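
Added example (not part of the original thread): a triage script for the control panel log lines quoted in post #6. It parses both layouts shown there (with and without a username column) and summarizes activity per source address; the function names are hypothetical and the sample is a subset of those lines.

```python
import re
from datetime import datetime

# Subset of the control panel log lines quoted in post #6. The first four
# have a username column reading "N/A"; the last four have no such column.
ADMIN_LOG = """\
17116 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27
17109 N/A 14:07, 19th Jun 2006 css.php update style id = 3 206.149.148.27
17108 N/A 14:06, 19th Jun 2006 css.php edit style id = 3 206.149.148.27
17107 N/A 14:06, 19th Jun 2006 template.php modify 206.149.148.27
17106 13:28, 19th Jun 2006 thread.php dothreadsall 83.149.72.74
17105 13:28, 19th Jun 2006 thread.php dothreads 83.149.72.74
17104 13:27, 19th Jun 2006 thread.php move 83.149.72.74
17103 13:27, 19th Jun 2006 moderate.php posts 83.149.72.74
"""

LINE = re.compile(
    r"^(?P<id>\d+)\s+(?:(?P<user>\S+)\s+)?"          # id, optional username
    r"(?P<time>\d{1,2}:\d{2}),\s+(?P<day>\d{1,2})(?:st|nd|rd|th)\s+"
    r"(?P<mon>[A-Za-z]{3})\s+(?P<year>\d{4})\s+"
    r"(?P<script>\S+\.php)\s+(?P<action>.+?)\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})$")

def parse(text):
    """Return one dict per parseable line, oldest first."""
    rows = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            d = m.groupdict()
            d["when"] = datetime.strptime(
                "{day} {mon} {year} {time}".format(**d), "%d %b %Y %H:%M")
            rows.append(d)
    return sorted(rows, key=lambda r: (r["when"], int(r["id"])))

def summarize_by_ip(rows):
    """Per source address: first/last seen, scripts touched, unnamed entries."""
    out = {}
    for r in rows:
        s = out.setdefault(r["ip"], {"first": r["when"], "scripts": set(),
                                     "unnamed": 0})
        s["last"] = r["when"]
        s["scripts"].add(r["script"])
        s["unnamed"] += int(r["user"] in (None, "N/A"))  # no account recorded
    return out

if __name__ == "__main__":
    for ip, s in summarize_by_ip(parse(ADMIN_LOG)).items():
        print(ip, s["first"], s["last"], sorted(s["scripts"]), s["unnamed"])
```

Sorting by time puts the thread.php and moderate.php actions ahead of the css.php and template.php edits, which is the order to follow when reviewing what was changed and reverting it.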
  #7  
Old 06-20-2006, 06:09 AM
Rickie3
Join Date: Nov 2004
Location: Australia/Tasmania
Posts: 770

You got to be joking, right???? You're blaming vBulletin software for being hacked. I have been running vBulletin for 2 years and have not had an ounce of trouble. I'm the only one that has access to my server and am super admin.
1. Who else has access to your server???
2. How many admins do you have???

Could be an admin logging in using a proxy and playing games.
  #8  
Old 06-20-2006, 09:11 AM
Revan
Join Date: Jan 2004
Location: Norway
Posts: 1,671

Quote:
Originally Posted by Andromeda2875
I am running 3.5.4. Someone keeps logging in under one of my Super Mod accounts, changing himself to admin and moving every single post to the trash section of my board. No one is getting into the server. They are using this, how I do not know, but they are:

17116 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27
17115 N/A 14:08, 19th Jun 2006 css.php update style id = 1 206.149.148.27
17114 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27
17113 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27
17112 N/A 14:08, 19th Jun 2006 css.php update style id = 4 206.149.148.27
17111 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27
17110 N/A 14:07, 19th Jun 2006 css.php edit style id = 3 206.149.148.27
17109 N/A 14:07, 19th Jun 2006 css.php update style id = 3 206.149.148.27
17108 N/A 14:06, 19th Jun 2006 css.php edit style id = 3 206.149.148.27
17107 N/A 14:06, 19th Jun 2006 template.php modify 206.149.148.27



If you see, this is from the control panel. There is no name given and this is what they do and then they have access to everything. Somehow they are taking that SuperMod and making it say admin under it and moving everything.

This is what they do after they log in and change the password to the SuperMod and make him admin:

17106 13:28, 19th Jun 2006 thread.php dothreadsall 83.149.72.74
17105 13:28, 19th Jun 2006 thread.php dothreads 83.149.72.74
17104 13:27, 19th Jun 2006 thread.php move 83.149.72.74
17103 13:27, 19th Jun 2006 moderate.php posts 83.149.72.74

The css.php log entries aren't the same IP as the thread.php ones. Therefore it's not the same person.
  #9  
Old 06-20-2006, 10:18 AM
Zachery
Join Date: Jul 2002
Location: Ontario, Canada
Posts: 11,440

Quote:
Originally Posted by Andromeda2875
I am very upset. I run a forum with 7 thousand members and 240K posts. I am getting hacked every day now. Is this really how crappy vBulletin is? I mean, you can not fix security holes in the software. Very unhappy. I may have to go to IPB. Terribly disappointing.

Have you tried:

1. Disabling all of your hacks and addons?
2. Updating all of your passwords (FTP etc.), and forcing all staff to update their passwords?
3. Password or IP protecting your admincp and includes directories?
4. Scanning for foreign files?
5. Contacting your hosting provider?
6. Contacting vBulletin support for assistance?
  #10  
Old 06-20-2006, 11:32 AM
amykhar
Join Date: Oct 2001
Location: PA
Posts: 4,438

Also, is it the same supermod's account that they keep getting into? Keep in mind that the biggest security holes are the people we have on our teams. If it's the same person, you may need to demote them.

Also, check the permissions that you have set for your supermods. Make sure you didn't give them rights to the control panel and the ability to change member status.