The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
08-15-2013, 02:32 PM
|
|||
|
|||
Please help with filestore exploit
I am sure you have all heard of the base64 exploit that is affecting hundreds of vbulletin users. I have had this base64 exploit for a while now. I had it last year and finally got rid of it after I updated my vbulletin but now it is back again. I have downloaded and installed this plugin which alerts you when your datastore plugins are affected. This is the email I get every morning when the exploit is injected into my forum. Can you help me out with this. What exactly does this mean and how are they injecting this code? I need to know how they are gaining access so I can stop it.
Datastore pluginlist mismatch! ================================================== ============================== Plugin modified/added: array ( 'pluginid' => '3094', 'title' => 'vBSEO Cache Templates', 'hookname' => 'cache_templates', 'phpcode' => 'if(defined(\'VBSEO_ENABLED\')) vbseo_complete_sec(\'cache_templates\'); 
|
|
#3
08-25-2013, 11:41 PM
|
||||
|
||||
|
I would simply uninstall VBSEO and utilize vB4's mode rewrite friendly url's. Did you know vBSEO left an exploit in the official product for well over a year through countless versions a known exploit was released in your vBSEO versions... ohh tis true and I recently uninstalled and even that had some issues glad I know my way around a vBulletin site well enough to fix it lol.
Example: http://www.vbseo.com/f5/vbseo-securi...tml#post325845 ^ Post date is 01-23-2012 11:37 PM now read the post further... Quote:
http://www.vbseo.com/blogs/mert-goek...all-vbseo-238/ http://www.vbseo.com/f55/how-complet...l-vbseo-20737/ Just my 2 cents  .
|
| Благодарность от: | ||
| socialteenz | ||
|
#4
09-16-2013, 07:57 PM
|
|||
|
|||
|
I've never used vBSEO and I still have the filestore redirection problem.
So it's possibly not a problem unique to users of vBSEO (and I've seen the long threads about it on their forum). There may be some other way in vB that this is being installed and the problem may be vB itself. Any suggestions, Lynn? (The only plugin I've ever had was glowhost and I have now unistalled it but the problem persists)
|
|
#5
09-16-2013, 08:10 PM
|
||||
|
||||
|
Quote:
http://www.vbulletin.com/forum/blogs...vbulletin-site http://www.vbulletin.com/forum/blogs...ve-been-hacked http://www.vbulletin.com/forum/blogs...vbulletin-site Edit: Also if you bounce around posting all over the place https://vborg.vbsupport.ru/showthrea...wpost&t=302248 some would assume it might prompt a reply quicker and it *might* but then backtracking to check all the places you posted later today and tomorrow could mean overlooking a valid reply as well .
|
|
#6
09-16-2013, 08:40 PM
|
|||
|
|||
|
The only plugin I had was glowhost which I had uninstalled earlier. The problem persists.
I'll make sure I haven't overlooked any reply, but it did seem pertinent to post in this thread as from the posts above other readers may be misled into thinking it's exclusively a vBSEO issue when it's not. I've NEVER had vBSEO installed. I didn't even know what vbSEO was till I started researching this filestore redirection problem where everyone seems to be blaming vBSEO. vBSEO might be one of the routes in but if anyone reading this thinks they are okay because they don't have vBSEO, think again. There seem to be other ways in! <added> One strange thing I noticed is that even after uninstalling glowhost there are still many glowhost related lines in the datastore.MYD table (and possibly elsewhere!) But, of course, the problem may not be glowhost at all but a flaw somewhere else in vB or my security that has allowed the hackers in.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 12:20 AM.