#1
09-04-2006, 06:50 PM
wacnstac
Join Date: Nov 2001
Posts: 312
Hacked through FlashChat integration plugin for vb 3.5.2

We've been hacked and our database screwed by an apparent vulnerability of the FlashChat integration with vb. Is there an update of the hack with the vulnerability fixed? Any help during this trying time would be very much appreciated.

steve
Reply With Quote
#2
09-04-2006, 07:25 PM
Delphiprogrammi
Join Date: Feb 2004
Location: Landen(Belgium)
Posts: 1,335

You mean the meta refresh redirection exploit? That was not FlashChat but the plugin called "topXstat", and yes, that plugin has been updated to fix the holes here. FlashChat contains a hole too though; here is more information about the FlashChat hole.
Reply With Quote
#3
09-04-2006, 07:27 PM
steven s
Join Date: Aug 2004
Location: Greenville, SC
Posts: 572

Updated FlashChat
http://forum.tufat.com/showthread.php?t=24619

This is interesting.
I caught it just in time.
[Mon Sep 4 15:20:11 2006] [error] [client 200.82.226.80] File does not exist: /home/username/public_html/forum/chat//inc/cmses/aedatingCMS2.php
I would have been hacked if that file was still there.
Reply With Quote
#4
09-04-2006, 08:15 PM
Traxdata
Join Date: Jul 2004
Posts: 128

Quote:
Originally Posted by 1996 328ti
Updated FlashChat
http://forum.tufat.com/showthread.php?t=24619

This is interesting.
I caught it just in time.
[Mon Sep 4 15:20:11 2006] [error] [client 200.82.226.80] File does not exist: /home/username/public_html/forum/chat//inc/cmses/aedatingCMS2.php
I would have been hacked if that file was still there.

Indeed, I get these "errors" about 20 times a day since Friday last week.
Reply With Quote
#5
09-04-2006, 08:15 PM
steven s
Join Date: Aug 2004
Location: Greenville, SC
Posts: 572

Quote:
Originally Posted by Traxdata
Indeed, I get these "errors" about 20 times a day since Friday last week.

Different ip address?
Reply With Quote
#6
09-04-2006, 08:20 PM
wacnstac
Join Date: Nov 2001
Posts: 312

Wish these punks would find something better to do.
Reply With Quote
#7
09-04-2006, 08:50 PM
Traxdata
Join Date: Jul 2004
Posts: 128

Quote:
Originally Posted by 1996 328ti
Different ip address?

Of course, all Turkish IPs. Today they tried about 70 times! Not bad.

Just found on zone-h! It seems that some other FlashChat files are also insecure!!! Thank God I have removed this piece of you-know-what.

http://www.zone-h.org/component/opti...berLord/page,2
Reply With Quote
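
Added example (not part of any post in this thread): a small Python script that tallies, per day, how many "File does not exist" requests for scripts under FlashChat's inc/cmses/ directory appear in an Apache error log, and from which client IPs, which are the counts the posts above compare by hand. The /chat/ install path is an assumption taken from the quoted log line, and every sample line except the one quoted in the thread is constructed, using documentation-range IPs.

```python
import re
from collections import defaultdict
from datetime import datetime

# Apache 2.0/2.2-style error_log entry, the format quoted in the thread.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<ip>[0-9a-fA-F.:]+)\] "
    r"File does not exist: (?P<path>[^\s,]+)"
)
# Assumption: the chat install lives under /chat/ and the probed scripts are
# the CMS adapters in inc/cmses/, as in the quoted log line.
PROBE_RE = re.compile(r"/chat/+inc/cmses/[^/]+\.php$")

# Constructed sample; only the 200.82.226.80 line comes from the thread.
SAMPLE_LOG = """\
[Fri Sep  1 09:12:44 2006] [error] [client 192.0.2.10] File does not exist: /home/username/public_html/forum/chat//inc/cmses/aedatingCMS2.php
[Fri Sep  1 09:13:02 2006] [error] [client 192.0.2.10] File does not exist: /home/username/public_html/favicon.ico
[Mon Sep 4 15:20:11 2006] [error] [client 200.82.226.80] File does not exist: /home/username/public_html/forum/chat//inc/cmses/aedatingCMS2.php
[Mon Sep  4 16:01:37 2006] [error] [client 198.51.100.7] File does not exist: /home/username/public_html/forum/chat/inc/cmses/aedatingCMS2.php
[Mon Sep  4 16:05:00 2006] [error] [client 198.51.100.7] script not found or unable to stat: /home/username/public_html/cgi-bin/test.cgi
"""


def summarize_probes(lines):
    """Return {date: {"hits": n, "ips": set, "files": set}} for probe 404s."""
    days = defaultdict(lambda: {"hits": 0, "ips": set(), "files": set()})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or not PROBE_RE.search(m["path"]):
            continue  # unrelated 404s and other error types are ignored
        # ctime pads single-digit days with a space; collapse before parsing.
        ts = datetime.strptime(" ".join(m["ts"].split()), "%a %b %d %H:%M:%S %Y")
        day = days[ts.date().isoformat()]
        day["hits"] += 1
        day["ips"].add(m["ip"])
        day["files"].add(m["path"].rsplit("/", 1)[-1])
    return dict(days)


if __name__ == "__main__":
    for day, info in sorted(summarize_probes(SAMPLE_LOG.splitlines()).items()):
        print(day, info["hits"], "hits from", len(info["ips"]), "IPs:",
              ", ".join(sorted(info["ips"])), "->", ", ".join(sorted(info["files"])))
```

To run it against a real log, pass an open file object for the server's error log to `summarize_probes` instead of the sample lines.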
#8
09-04-2006, 09:32 PM
iran.gs
Join Date: Jul 2006
Posts: 192

Code:
content="0;url=http://ts.somee.com"> """"

This is their IP:
IP: 85.104.221.179 Country: Turkey City: Istanbul, Istanbul

I think VB must do an IP range ban on all these Turkish delights. I lost a whole day trying to fix this, and it was on Saturday, my busiest day at my forum :hurt:
I blame the VB staff for this. Something like this should be mailed to all VB members and all the forum members. After all, this is not free software; we did not just get this because it looks good, we got it since the name of the software is great.
Reply With Quote