No announcement yet.

hotscripts hacked

  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    I've also disabled the 'Add Template Name in HTML Comments' config.


    • #17
      I don't think this was a vbulletin exploit since all iNets properties that run vbulletin weren't affected. Hotscripts site was hacked, but, the forum wasn't.
      There is rumor of a vulnerabilitiy in the php upload function. This is supposed to affect all versions of php including 4.3.10. It was being discussed on a private security list I belong to. I don't think this was used either since it was just discovered a couple days ago by a member. So far no one else is able to duplicate his findings so it could be bogus.
      Admins Zone - Resources for Forum Administrators


      • #18
        Well it was done through misc.php within vbulletin and it looks to be exploited through the 'template' variable...

        I had posted the entire log line from our access_log, but it was requested that it be removed... which is the correct call, of course.


        • #19
          Originally posted by The Prohacker
          We had/have it disabled on all of our forums and yet one still got hit by this worm.....
          I see this was the misc.php exploit.
          Did it hit any of the live forums?
          Admins Zone - Resources for Forum Administrators


          • #20
            Because of the file permissions on certain sites only certain sites were affected. I don't think any forums were, but 3 of our sites were that were smarty based, because smarty requires the cache to be world writeable...


            • #21
              Can the users that show up unlicensed and claim to run vBulletin please go to the members area and click on priority support and enter their email in the priority support field so they show up licensed on this site? Thank you.

              Once you purchase one you will receive your customer details in an email. With those customer details you can login to the Members' Area and click on the 'Priority Support' link in the left menu. On the page that loads you must enter the email address you registered with on this support forum. When done correctly you will show up as a licensed members and you will receive priority support.

              If you do have a valid vBulletin license, I kindly request you to update your information.


              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.