Originally posted by unterschluepfli
View Post
-
If vbf.php is the backdoor, it's not a default vBulletin file. A simple google search implies it stands for vbFreelancers, which is a group that has made a number of modifications for vBulletin. If all of these sites have a mod in common by this group, or maybe just any mod made by the group, or just this file on their server, that's where the problem lies. However, I could be wrong and it stands for something else. I tried searching for some of the mods on vbulletin.org, but the ones I came across are in the Mod Graveyard and can't be downloaded, so I can't confirm if there's a backdoor in the file.Last edited by thincom2000; Wed 4 May '11, 12:58am. -
I run following add-ons on my vBulletin 3.8.7:
- Auto Mark Read 1.0 Automatically mark forums read for inactive users
- Cyb - Advanced Forum Rules 4.0.2 Cyb - Advanced Forum Rules
- Ignore Thread 1.0.0 Ignore Thread
- Selective Forum Filter 1.1.0 Created By VisionScripts (www.visionscripts.com)
- smilie-Alias 0.1 Allows to define some alias for a smilie
- TCattd - The Image Resizer 1.2.8 Automatically resize posted images
- vBadvanced CMPS 3.2.0 vBadvanced Content Management & Portal System
Leave a comment:
-
I was running 3.8.4 when my site got hacked. I deleted all the files and upgraded to 3.8.7 and shut off all of my products in case that is the conduit the hackers used to get in.
My opinion, this is widespread enough that individual support tickets aren't the best way to handle it.Leave a comment:
-
Originally posted by ricktas View Post
I have started a ticket, but I think it is a little ridiculous to be handling this as a single support incident, considering the number of people who were hacked. Now if you don't mind, I would prefer to continue this conversation with the guy that represents the company. EricLeave a comment:
-
There is a correct way to get support.... First log a ticket. Forum posts don't cut it.Originally posted by EricGT View PostLeave a comment:
-
It was a coincidence, we rolled out the new editor, found some glaring issues, and rolled out to a different release.Originally posted by EricGT View Post
It had absolutely nothing to do with other sites.
If you're having an issue with your site, please start a support ticket. Include admincp, ftp , and phpmyadmin information.
We can help yoou cleanup a mess but we cannot help you make sure your server is 100% sure.
Make sure you're not running third party addons, there is much more likely a chance that one of those is the cause than vBulletin itself, esp vBulletin 3 due to its age on the market.Leave a comment:
-
Was it just a coincidence that vBulletin's own site was down for some time today, to 'upgrade'?Leave a comment:
-
Any of your running third party addons? If so lets make a list and see whos running what and what is in common. If it was as big of an exploit to effect 3.8.x I would imagine it goes back far enough.Leave a comment:
-
This is a serious problem. There have been tons of sites hacked now. Is VB looking into this?Leave a comment:
-
These hackers are back on my site, hacking usertitles and God knows what else, for the second time today. What is going on??? There is obviously a weakness in 3.8.7. What is it? Come one guys, spare us a couple of comments, so that we know what is going on?Leave a comment:
-
Guys, this has been dragging on all day, without a single word from vBulletin. What is going on? This is messing with a lot of people's livelihoods, man. EricLeave a comment:
-
My forum was hacked, too.
Beneath the modified index.phps i found a "php/c99"-Backdoor in forumroot/includes/vbf.php
According to my logs I can imagine the unsafe door could be misc.phpLeave a comment:
-
Wow....
hahahahah - u dnt know Contra mate. Here a list of sites he's hacked lately:
http://gamerzplanet.net
http://playdota.com
http://bastardfactory.net/
http://duelcity.com/
http://www.underground.mn
http://roothacks.net/
http://www.hauntforum.com/
http://civforum.de
http://watchgeeks.net
http://eurodancehits.com
http://www.sinfuliphone.com/
http://www.scamfound.org/
http://www.fetchmp3.com/
http://ragekings.com
http://bluebeam.com/
http://glocktalk.com/
And thats just so far..... trust me this guy is crazyLeave a comment:
-
I just signed up for vbulletin. It is used in a lot of gaming communities. I am trying to build my own community and now have enough members to justify building a forum. So I know alot of the clans/gaming...Wed 7 Jun '17, 8:25am
Leave a comment: