Go Back   vb.org Archive > Community Discussions > Forum and Server Management
Reload this Page Someone has my database. MD5 to text possible??
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 05-31-2009, 12:49 AM
Lautaro's Avatar
Lautaro Lautaro is offline
 
Join Date: Jan 2009
Location: United States
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Someone has my database. MD5 to text possible??
Hello,

A hacker has stolen my forum database, its a vBulletin 3.8.2 and he showed me a screenshot of the table 'users' where the password is shown in MD5, so my question is. Is that person going to be able to convert the MD5 to text and know the passwords of all the users of my forum???

Also, I'd like to know how I can prevent people who is IP banned from using proxies and being able to access my forum.

Also if its possible, I would like to reset all members passwords and send them their new password by email so only the owner can view his/her new password by checking his/her email.

Thank you.
Reply With Quote
  #2  
Old 05-31-2009, 03:43 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Lautaro View Post
A hacker has stolen my forum database, its a vBulletin 3.8.2 and he showed me a screenshot of the table 'users' where the password is shown in MD5, so my question is. Is that person going to be able to convert the MD5 to text and know the passwords of all the users of my forum???
Yes - it is possible, but not without a lot of work (unless your users have really weak passwords).
Quote:
Originally Posted by Lautaro View Post
Also, I'd like to know how I can prevent people who is IP banned from using proxies and being able to access my forum.
It is quite impossible to block all proxies.
Quote:
Originally Posted by Lautaro View Post
Also if its possible, I would like to reset all members passwords and send them their new password by email so only the owner can view his/her new password by checking his/her email.
AFAIK, you will need a modification to do this. I don't know if such a modification exists.
Reply With Quote
  #3  
Old 06-05-2009, 09:53 PM
COBRAws's Avatar
COBRAws COBRAws is offline
 
Join Date: Oct 2002
Location: Buenos Aires
Posts: 864
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Dismounted View Post
AFAIK, you will need a modification to do this. I don't know if such a modification exists.
Or he could set all usergroup passwords to expire in 1 day. Anyway, that wont prevent a sript kiddie to login with those passwords.
Reply With Quote
  #4  
Old 06-06-2009, 05:04 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by COBRAws View Post
Or he could set all usergroup passwords to expire in 1 day. Anyway, that wont prevent a sript kiddie to login with those passwords.
I thought of that - and you've stated why I didn't suggest it.
Reply With Quote
  #5  
Old 06-08-2009, 10:48 AM
Lautaro's Avatar
Lautaro Lautaro is offline
 
Join Date: Jan 2009
Location: United States
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Well, the problem seems to be fixed now. somehow the forum IP banning wasn't working and the hacker till had access to the forum but what I did was IP banning him using a cPanel option..

I just mass PMed my users telling them to change their passwords.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:10 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03984 seconds
  • Memory Usage 2,200KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete