The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
vB Getting Hacked
I'm a member at many vB sites. And this past week there has been a lot of vB sites getting hacked badly. It happed to mine 4 days stright. Does anybody know why this is all of a sudden happening or we don't know?
|
#2
|
||||
|
||||
Usually it is because of some modification that has been installed. A month or so ago, there was an exploit discovered in a photo gallery application (sorry, I don't have it so I don't know the formal name of it) and so there were several sites hacked at that time.
Do you know if the sites you know of that got hacked have any modifications in common? |
#3
|
|||
|
|||
it's been pretty secure for me. People sometimes claim or think they've been hacked when it's really just people using the same username/pw at lots of different sites.
or whatever |
#4
|
||||
|
||||
See my site and a friend of mine who was just hacked today. We both have completely different mods on our sites yet both were hacked in almost identical ways.
|
#5
|
||||
|
||||
Do you have any common modifications? It actually really doesn't matter as any SQL Injection vulnerability could inject into anything, ie. same result.
|
#6
|
|||
|
|||
You don't really give us much information to work with.
How was it "hacked"? What are the symptoms? How are you hosted? Dedicated, shared,..? Which modifications do you have installed? |
#7
|
|||
|
|||
I think the hacked sites should be reported here so a proper study, diagonosis and solution can be worked out.
|
#8
|
|||
|
|||
vB sites? Are these domains that are running only vB forums? Because it may be possible for people to exploit other scripts hosted on the domain/server and use these to mess with the database and cause problems with the forums amongst other things.
|
#9
|
|||
|
|||
Quoted for emphasis. One insecure mod that allows inject is all it takes.
|
#10
|
||||
|
||||
Well I got mine all fixed up and I put a bunch of sucerity stuff in there. But take a look at my friends vB:
http://vmkadventure.com It has me and him stumped as to where to remove that garbage and make sure it wont happen again. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|