Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page Exploit Question
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 2 1 2
 
Thread Tools Display Modes
  #1  
Old 03-27-2007, 07:17 PM
Sychev_S Sychev_S is offline
 
Join Date: Oct 2005
Location: Toronto
Posts: 173
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Exploit Question
One of my members threatened me to hack my board and today he I would assume used some exploit to make counless posts containing "sitename1", "sitename2" and so on in all of the forums.
I removed all of his posts, made time betwene posts 30 sec and banned him, but is there any other way to prevent those occurances in the future? also does anybody know whihc exploit he used or where can I get mroe info on that topic?
Reply With Quote
  #2  
Old 03-27-2007, 07:24 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
What modifcations do you have installed?
Reply With Quote
  #3  
Old 03-27-2007, 07:31 PM
Sychev_S Sychev_S is offline
 
Join Date: Oct 2005
Location: Toronto
Posts: 173
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Here
Quote:
Advanced Memberlist Searching
CES Profile Field Parser
GARS
Lv vB Event Forums
Members who have visited the forum
Miserable Users
MySpace/YouTube/Google Video Addon
No Rules Agree on Register
Quick Account Switch
Referrer Statistics
v3 Arcade
VB image hosting
vBadvanced CMPS
vBlogetin
vS-Interactive Profiles
vS-Invites System
Watermark Attachments
Reply With Quote
  #4  
Old 03-27-2007, 07:45 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I don't see an obvious vulnerable modification in that list.

What was your time between posts set to before you changed it?
Reply With Quote
  #5  
Old 03-27-2007, 11:16 PM
Sychev_S Sychev_S is offline
 
Join Date: Oct 2005
Location: Toronto
Posts: 173
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It was about 4 seconds.
Reply With Quote
  #6  
Old 03-27-2007, 11:25 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
That's way to small, you should set it to about 30 seconds.
Reply With Quote
  #7  
Old 03-28-2007, 03:17 AM
Sychev_S Sychev_S is offline
 
Join Date: Oct 2005
Location: Toronto
Posts: 173
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
yeah, I did now.
Any idea what he used to do that?
Reply With Quote
  #8  
Old 03-28-2007, 07:11 PM
Hazel77 Hazel77 is offline
 
Join Date: Mar 2007
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Sychev_S View Post
yeah, I did now.
Any idea what he used to do that?
His own fingers and the copy and paste function.
Reply With Quote
  #9  
Old 03-28-2007, 08:05 PM
Sychev_S Sychev_S is offline
 
Join Date: Oct 2005
Location: Toronto
Posts: 173
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
you think so?
what he did is pretty much paste sitename1, sitename 2 all the way untill like 740....
I really doubt someone would do that by hand.....
Reply With Quote
  #10  
Old 03-29-2007, 06:54 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
There are many programs on the net that can auto-submit webbased forms.
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 12:34 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03975 seconds
  • Memory Usage 2,241KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete