Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-15-2008, 10:47 PM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default vB Getting Hacked

I'm a member at many vB sites. And this past week there has been a lot of vB sites getting hacked badly. It happed to mine 4 days stright. Does anybody know why this is all of a sudden happening or we don't know?
Reply With Quote
  #2  
Old 02-15-2008, 11:22 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Usually it is because of some modification that has been installed. A month or so ago, there was an exploit discovered in a photo gallery application (sorry, I don't have it so I don't know the formal name of it) and so there were several sites hacked at that time.

Do you know if the sites you know of that got hacked have any modifications in common?
Reply With Quote
  #3  
Old 02-15-2008, 11:35 PM
punchbowl punchbowl is offline
 
Join Date: Nov 2006
Posts: 505
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it's been pretty secure for me. People sometimes claim or think they've been hacked when it's really just people using the same username/pw at lots of different sites.

or whatever
Reply With Quote
  #4  
Old 02-15-2008, 11:46 PM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

See my site and a friend of mine who was just hacked today. We both have completely different mods on our sites yet both were hacked in almost identical ways.
Reply With Quote
  #5  
Old 02-16-2008, 04:29 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Do you have any common modifications? It actually really doesn't matter as any SQL Injection vulnerability could inject into anything, ie. same result.
Reply With Quote
  #6  
Old 02-16-2008, 07:07 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You don't really give us much information to work with.

How was it "hacked"? What are the symptoms?
How are you hosted? Dedicated, shared,..?
Which modifications do you have installed?
Reply With Quote
  #7  
Old 02-16-2008, 09:28 AM
falguni1 falguni1 is offline
 
Join Date: Feb 2008
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I think the hacked sites should be reported here so a proper study, diagonosis and solution can be worked out.
Reply With Quote
  #8  
Old 02-16-2008, 09:48 AM
Opserty Opserty is offline
 
Join Date: Apr 2007
Posts: 4,103
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vB sites? Are these domains that are running only vB forums? Because it may be possible for people to exploit other scripts hosted on the domain/server and use these to mess with the database and cause problems with the forums amongst other things.
Reply With Quote
  #9  
Old 02-16-2008, 01:20 PM
Guest210212002
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Dismounted View Post
Do you have any common modifications? It actually really doesn't matter as any SQL Injection vulnerability could inject into anything, ie. same result.
Quoted for emphasis. One insecure mod that allows inject is all it takes.
Reply With Quote
  #10  
Old 02-17-2008, 12:24 AM
mousegeek's Avatar
mousegeek mousegeek is offline
 
Join Date: Mar 2006
Posts: 112
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well I got mine all fixed up and I put a bunch of sucerity stuff in there. But take a look at my friends vB:

http://vmkadventure.com

It has me and him stumped as to where to remove that garbage and make sure it wont happen again.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:39 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04371 seconds
  • Memory Usage 2,243KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (9)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete