Announcement

Collapse
No announcement yet.

Illegal Board Signs?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Illegal Board Signs?

    Hello,
    I am an owner of a webhosting company, and between our servers we have over a thousand clients both free and paid. I am wondering if there is any way for us to tell if a clients vbulletin is illegal (like cracked). I know I should report it, but I dont know what types of things I should be looking for inorder to classify a board as suspicious. Any suggestions would be greatly apprecieated.

    Thanks,
    Mike

  • #2
    If it has no hacks it can raise an eyebrow.

    Comment


    • #3
      Originally posted by ATI4EVER
      If it has no hacks it can raise an eyebrow.
      No. Illegal boards can get hacks through some warez sites and anybody can chose not to install hacks (in fact, most people chose not to).

      The one thing I'd look for is some "NULLED BY XXXXX" at the top of the PHP source.

      Comment


      • #4
        The only way to make sure is to report it to

        http://www.vbulletin.com/piracy.php or alternatively you can email [email protected].

        But I do not know if you are lookong for a way to delete your client from your server for breaking any of your server rules or you just do not like them. Jelsoft Enterprises Ltd. will not tell you if your client has an illeagal board unless they need to.

        *edit
        squall14716 is right on that part, just right-click and view source, but it is better to report and not to go gun-ho and shoot everything that looks suspect.
        Last edited by Jose Amaral Rego; Tue 16 Aug '05, 12:55pm.

        Comment


        • #5
          Thank you all for your suggestions but to LEAD WEIGHT, I know about reporting them, but I wanted to see if there were any big things that could alert me to a possible pirated board. We have so many vbulletin boards hosted and I am willing to bet that at least a few of them are illegal.

          Comment


          • #6
            Originally posted by squall14716
            No. Illegal boards can get hacks through some warez sites and anybody can chose not to install hacks (in fact, most people chose not to).

            The one thing I'd look for is some "NULLED BY XXXXX" at the top of the PHP source.
            That is not true. A lot of people choose to mod their boards. Yes, some people do not mod them which is why I said "it can raise an eyebrow" instead of saying its illegal. Also yes, they can get it off warez sites but its difficult.

            You can try looking at config.php.new to see if they still have it.

            Comment


            • #7
              First off, the biggest indication is that the board is an old version. Anything running 3.0.0 Beta these days is pretty suspicious, especially since there have been pretty major security holes discovered in them.

              Also, if you want to be sure, go take a look at their files' source code and see if you can still find the original "call home" code. If you can't, then chances are it's an illegal copy.
              :)

              Comment


              • #8
                Originally posted by MikeWalczak
                Thank you all for your suggestions but to LEAD WEIGHT, I know about reporting them, but I wanted to see if there were any big things that could alert me to a possible pirated board. We have so many vbulletin boards hosted and I am willing to bet that at least a few of them are illegal.
                A good way is to let them give you access to the adminstration area. It is the good way of seeing that. You need to understand that nulled boards do not need to have nulled by xxxxx cause that is the easy way to figure it out and some copyright's are removed cause it was purchase that way so like I said the best way is to report them or see in the admin area and look for the popular 'nulled by scriptmafia'

                Comment


                • #9
                  Also, nulled versions dont have "Latest vBulletin version (X)" on the top of the admincp.

                  What is the "call home" code? Is it in php or in templates?

                  Comment


                  • #10
                    Originally posted by ATI4EVER
                    That is not true. A lot of people choose to mod their boards. Yes, some people do not mod them which is why I said "it can raise an eyebrow" instead of saying its illegal. Also yes, they can get it off warez sites but its difficult.

                    You can try looking at config.php.new to see if they still have it.
                    Actually, Wayne and Steve have said on numerous occasions that the majority of customers don't modify the source.

                    Originally posted by ATI4EVER
                    Also, nulled versions dont have "Latest vBulletin version (X)" on the top of the admincp.

                    What is the "call home" code? Is it in php or in templates?
                    As the Admin CP doesn't have templates, it's in the code .
                    Bugdar: PHP bug tracking software that is beautiful, fast, and robust.

                    Comment


                    • #11
                      You can run a bash script to run through .php files and match against known tag lines from warez groups.

                      Comment


                      • #12
                        Originally posted by Floris
                        You can run a bash script to run through .php files and match against known tag lines from warez groups.
                        Wouldn't that be an invasion of privacy against his customers?

                        MGM out

                        Comment


                        • #13
                          He is root - and has a policy that doesn't allow customers to store files that break intl property. To enforce this he can browse the content of his web server. He could ensure their privacy by not actually looking inside the files but matching against a string from it, and return with an echo which file in which dir is breaking his policy. And then suspect the user for running unlicensed, temp suspend the account, email Jelsoft with a copy to the account holder and job done. If this actually is a privacy breach .. he has to check with the laws in his country and the country where he's hosted. I wouldn't know. Personally: I don't think so.

                          To bypass this..
                          he could write a crawl bot to go through all the domains he hosts and find for example vBulletin_global.js and see if the crackgroup_tag is in the footer of that file. This file is publicly downloadable .. everybody with an internet connection can view this.

                          Doing it as a root user directly on the server is just quicker and more accurate.

                          Comment


                          • #14
                            Wow Floris thank you so much for your help with this matter. I think we are going to attempt to write a crawl bot which will do as you instructed.

                            Thanks to everyone else for their suggestions. If you have any more suggestions be sure to post them

                            Comment


                            • #15
                              my suggestion is this personally.

                              Locate all sources of vbulletin_global.js. Identify the user. From there, open up any PHP files from that user that's related to vBulletin.

                              Most of these hackers are getting rather wise, and leaving the .js files intact, making it look legit.
                              ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
                              Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...
                              X