Version: 2.00, by GeekyDesigns
Developer Last Online: Nov 2023
Category: Administrative and Maintenance Tools -
Version: 3.8.x
Rating:
Released: 08-14-2009
Last Update: 04-02-2012
Installs: 125
Additional Files
No support by the author.
A common method of defacing vBulletin sites is to edit the parsed template html directly via the database. It makes it harder for administrators to find the issue, and can be a pain in the ass to cleanup if you're not familiar with working with the database.
This tool will make it easier to clean your defaced site.
What it does:
Checks all of the templates in the database:
- Makes a new compiled version from the uncompiled template.
- Compares the current compiled template to the new compiled template
- If they differ, it updates the template, then rebuilds all of the styles.
How do you use it?
- Upload to your admincp, modcp, install, or root forums folder
- Browse to it
- Let it run
- Delete tool_recompiler.php after you are done using it.
Ok, but how does someone without access the the database able to do this to begin with? (Forgive me here, I don't mean to be stupid. But If I don't ask, I won't learn. )
Ok, but how does someone without access the the database able to do this to begin with? (Forgive me here, I don't mean to be stupid. But If I don't ask, I won't learn. )
They gain access on the server level, either though another account, or an exploit on a server.
Will this mod tell us if we have exploits then? im confused...
No, it will repair the templates for you if you've been defaced by some random hacker group. I released the tool here because I thought people would like to have a tool to help them fix things.
Here is the explanation behind how the template system and this tool works.
Templates are stored in two ways. There is the unparsed template, which you edit in the Admin CP. It is the template as you know it. Then, there is the parsed template, which is the template after it has been ran through a function to convert things like <if> tags into valid PHP parsable code.
A common method of defacing vBulletin forums is for a hacker to directly edit the parsed version of the template in the database, leaving the unparsed template alone. When you go to edit the template in the Admin CP, you won't see anything different, but the parsed version of the template has changed.
What this tool does is it takes all of the unparsed templates from the database and creates a new parsed version from it. If the newly generated parse is different than the parsed version currently in the database, it will update the template, overwriting the old, probably compromised, parsed template. This process is not "dangerous" in any way. If you run it on a normal, uncompromised forum, you won't see it updating any templates.
As explained already in the description, it checks the unprased template agasint the parsed template table. If the two don't match like they should, it takes your unparsed template and re-parses it and inserts it back into the database and removes the defacement.
Fix-it: Template Edition Details »»
About Developer
Visit Web Site
Additional Files 
No support by the author.
)
08-15-2009, 08:55 PM
