Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page security breached
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 2 1 2
 
Thread Tools Display Modes
  #1  
Old 10-13-2003, 12:29 AM
xxxsaint's Avatar
xxxsaint xxxsaint is offline
 
Join Date: Jun 2002
Posts: 185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default security breached
Hi , I come home this afternoon to find that someone has changed my admin password and is logged in with it. Immediately I thought it was because I've had html enabled on my board , so the first thing I did was to de-activate it in each forum on there and disable it from signatures.

Is there anywhere else that I can / should disable it from ? I'm kinda lost here on this one , never thought I would have that problem , but here it is.

any help and suggestions appreciated.
Reply With Quote
  #2  
Old 10-13-2003, 12:57 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
What version are you using?

What hacks do you have?

Do you have other admins? Is you admin account unchangeable by other admins?

HTML is a bad idea as some code can be used to harvest cookie passwords.
Reply With Quote
  #3  
Old 10-13-2003, 01:00 AM
xxxsaint's Avatar
xxxsaint xxxsaint is offline
 
Join Date: Jun 2002
Posts: 185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
What version are you using? 2.2.6

What hacks do you have?
LeSane's Store - vbquiz - awards hack for store - arcade

Do you have other admins? yes

Is you admin account unchangeable by other admins?no

HTML is a bad idea as some code can be used to harvest cookie passwords.
Reply With Quote
  #4  
Old 10-13-2003, 02:34 PM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
upgrade immediately to vb2.3.2, as there are a lot security holes below 229.

Update the Storehack, too.
There was also a big security hole in the old versions.
Reply With Quote
  #5  
Old 10-13-2003, 03:38 PM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
.htaccess your admin directory too
Reply With Quote
  #6  
Old 10-13-2003, 04:49 PM
xxxsaint's Avatar
xxxsaint xxxsaint is offline
 
Join Date: Jun 2002
Posts: 185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
.htaccess completed

and get this , the guy just did it AGAIN but I caught how he did it :

through a donation in the store

if I upgrade the store , will it patch that ???
Reply With Quote
  #7  
Old 10-13-2003, 05:36 PM
Lesane's Avatar
Lesane Lesane is offline
 
Join Date: Oct 2001
Location: The Netherlands
Posts: 1,149
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Yes:
https://vborg.vbsupport.ru/showpost....postcount=2423
Reply With Quote
  #8  
Old 10-13-2003, 05:40 PM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by xxxsaint
.htaccess completed

and get this , the guy just did it AGAIN but I caught how he did it :

through a donation in the store

if I upgrade the store , will it patch that ???
yes, but it'll just close the hole in the Store Hack.
There are other possibilities, too, so you should really upgrade the whole board
Reply With Quote
  #9  
Old 10-13-2003, 05:47 PM
xxxsaint's Avatar
xxxsaint xxxsaint is offline
 
Join Date: Jun 2002
Posts: 185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
k , well , in process of entire upgrade now.
Reply With Quote
  #10  
Old 10-14-2003, 07:05 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
There you go. The vB.org community saves the day once again...
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 10:19 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03854 seconds
  • Memory Usage 2,246KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete