Big exploit issue (can easily get admin's hash)
by Dominic (Developer)
Version: Unknown
Released: 02-27-2007

No support by the author.

http://www.securityfocus.com/bid/22575

Big exploit issue. They can easily get admin's hash. Might want to fix this if you haven't already.

Comments
#2, 02-27-2007, 02:10 PM, Shazz (Join Date: Jun 2006, Location: Utah, Posts: 4,758)

2.6.0 just came out :|
#3, 02-27-2007, 02:12 PM, Dominic (Join Date: Dec 2006, Location: Boston, Posts: 101)

Well I didn't see it since it wasn't posted in this forum so I didn't bother looking.
#4, 02-27-2007, 02:18 PM, Shazz (Join Date: Jun 2006, Location: Utah, Posts: 4,758)

Quote:
Originally Posted by CC_Phantom
Well I didn't see it since it wasn't posted in this forum so I didn't bother looking.
He hasn't made the announcement yet -.-

Here's to save the time looking:

https://vborg.vbsupport.ru/showthrea...ght=iproarcade
#5, 02-28-2007, 09:22 PM, gmatrix (Join Date: Apr 2006, Posts: 32)

Has this actually been fixed in the new release, and what is the admin's hash anyway?
#6, 03-01-2007, 12:57 PM, MrZeropage (Join Date: Nov 2003, Location: Munich, Germany, Posts: 3,012)

This is fixed in v2.6.0+ and that is exactly the issue that is meant with "fixed security issue" in the release history.

That's why I told everybody to upgrade to v2.6.0+ so nobody has to worry.

Quote:
Originally Posted by CC_Phantom
Well I didn't see it since it wasn't posted in this forum so I didn't bother looking.
I have my eyes everywhere

btw: the hash of any password (admin or not) does not help with anything, as the password is "double-hashed" using a random 3-character value between the hashes, so that having the hash it is still impossible to re-calculate the real password behind it.
#7, 03-01-2007, 02:23 PM, nitro (Join Date: Nov 2001, Posts: 302)

It makes no difference how many hashes or random characters are used; it only takes a vulnerability that would permit the altering of the email address field for a specific ID in the user table and there's instant escalated privileges once a password reset is made.

Alternatively an attacker can simply inject the random characters (salt) for the hash and a respective hash to the respective fields on a userid in the user table and you're in when you use the new password.

Not digging at ibPro as Mr Z knows, but for others' information that's how easy it is to have a vBulletin admin account compromised. It only takes one bad vulnerability somewhere; always use additional security like htaccess, keep all your hacks up to date and be prepared to disable or even remove files for any addons if the need should arise. It's highly unlikely your vBulletin password would be retrieved, but gaining privileged access is a different story.
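To make posts #6 and #7 concrete, here is an added Python example (not code from ibProArcade, vBulletin or any poster in this thread): it implements the md5(md5(password) + 3-character salt) scheme #6 describes, and a snapshot diff that flags changes to the email, salt and password columns of administrator rows, the columns #7 says an attacker needs to alter. The administrator usergroupid of 6 and the sample rows are assumptions.

```python
import hashlib
import hmac

# Assumption: usergroupid 6 is the default vBulletin "Administrators" group.
ADMIN_GROUPS = {6}


def vb3_hash(password: str, salt: str) -> str:
    """The 'double hash' post #6 describes: md5(md5(password) + salt), hex-encoded."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


def vb3_verify(password: str, salt: str, stored: str) -> bool:
    """Constant-time check of a candidate password against a stored salt/hash pair."""
    return hmac.compare_digest(vb3_hash(password, salt), stored)


def credential_changes(before, after):
    """Diff two user-table snapshots; return (userid, column) for every privileged
    account whose email, salt or password column changed. Those are exactly the
    columns post #7 says an attacker must alter, so any unexpected change is an alert."""
    old_rows = {row["userid"]: row for row in before}
    changes = []
    for row in after:
        old = old_rows.get(row["userid"])
        if old is None or row["usergroupid"] not in ADMIN_GROUPS:
            continue
        for column in ("email", "salt", "password"):
            if old[column] != row[column]:
                changes.append((row["userid"], column))
    return changes


# Constructed sample snapshots (not real data): userid 1 is an admin, userid 2 a member.
BEFORE = [
    {"userid": 1, "usergroupid": 6, "email": "admin@example.invalid",
     "salt": "a1b", "password": vb3_hash("correct horse", "a1b")},
    {"userid": 2, "usergroupid": 2, "email": "member@example.invalid",
     "salt": "x9Z", "password": vb3_hash("hunter2", "x9Z")},
]
# Later snapshot: the admin's e-mail was swapped (post #7's reset-mail scenario) and the
# member changed their own password; only the admin row should be reported.
AFTER = [
    {**BEFORE[0], "email": "attacker@example.invalid"},
    {**BEFORE[1], "salt": "q7m", "password": vb3_hash("new password", "q7m")},
]
```

Running the diff on a schedule (or on a database trigger feeding an audit table) turns the silent salt/hash overwrite #7 describes into a logged event, which the hash scheme alone cannot do.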
#8, 03-01-2007, 05:06 PM, MrZeropage (Join Date: Nov 2003, Location: Munich, Germany, Posts: 3,012)

I just explained the "They can easily get admin's hash".

Anyway, this got fixed quickly and (as even told in the update-notification mail sent to all who clicked INSTALL for ibProArcade) I recommend everybody to update to v2.6.0+