Announcement

Collapse
No announcement yet.

Site hacked, can someone please help?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • thincom2000
    replied
    Originally posted by unterschluepfli View Post
    My forum was hacked, too.
    Beneath the modified index.phps i found a "php/c99"-Backdoor in forumroot/includes/vbf.php

    According to my logs I can imagine the unsafe door could be misc.php
    If vbf.php is the backdoor, it's not a default vBulletin file. A simple google search implies it stands for vbFreelancers, which is a group that has made a number of modifications for vBulletin. If all of these sites have a mod in common by this group, or maybe just any mod made by the group, or just this file on their server, that's where the problem lies. However, I could be wrong and it stands for something else. I tried searching for some of the mods on vbulletin.org, but the ones I came across are in the Mod Graveyard and can't be downloaded, so I can't confirm if there's a backdoor in the file.
    Last edited by thincom2000; Wed 4 May '11, 12:58am.

    Leave a comment:


  • unterschluepfli
    replied
    I run following add-ons on my vBulletin 3.8.7:

    • Auto Mark Read 1.0 Automatically mark forums read for inactive users
    • Cyb - Advanced Forum Rules 4.0.2 Cyb - Advanced Forum Rules
    • Ignore Thread 1.0.0 Ignore Thread
    • Selective Forum Filter 1.1.0 Created By VisionScripts (www.visionscripts.com)
    • smilie-Alias 0.1 Allows to define some alias for a smilie
    • TCattd - The Image Resizer 1.2.8 Automatically resize posted images
    • vBadvanced CMPS 3.2.0 vBadvanced Content Management & Portal System

    Leave a comment:


  • Zombie-F
    replied
    I was running 3.8.4 when my site got hacked. I deleted all the files and upgraded to 3.8.7 and shut off all of my products in case that is the conduit the hackers used to get in.

    My opinion, this is widespread enough that individual support tickets aren't the best way to handle it.

    Leave a comment:


  • EricGT
    replied
    Originally posted by ricktas View Post
    There is a correct way to get support.... First log a ticket. Forum posts don't cut it.

    I have started a ticket, but I think it is a little ridiculous to be handling this as a single support incident, considering the number of people who were hacked. Now if you don't mind, I would prefer to continue this conversation with the guy that represents the company. Eric

    Leave a comment:


  • AusPhotography
    replied
    Originally posted by EricGT View Post
    Zachery, there are a whole shopping list of people having problems with their sites. These recoder guys have hacked dozens of 3.8.7 sites. This isn't an isolated incident, man.
    There is a correct way to get support.... First log a ticket. Forum posts don't cut it.

    Leave a comment:


  • EricGT
    replied
    Originally posted by Zachery View Post
    It was a coincidence, we rolled out the new editor, found some glaring issues, and rolled out to a different release.
    It had absolutely nothing to do with other sites.

    If you're having an issue with your site, please start a support ticket. Include admincp, ftp , and phpmyadmin information.

    We can help yoou cleanup a mess but we cannot help you make sure your server is 100% sure.

    Make sure you're not running third party addons, there is much more likely a chance that one of those is the cause than vBulletin itself, esp vBulletin 3 due to its age on the market.
    Zachery, there are a whole shopping list of people having problems with their sites. These recoder guys have hacked dozens of 3.8.7 sites. This isn't an isolated incident, man.

    Leave a comment:


  • Zachery
    replied
    Originally posted by EricGT View Post
    Was it just a coincidence that vBulletin's own site was down for some time today, to 'upgrade'?
    It was a coincidence, we rolled out the new editor, found some glaring issues, and rolled out to a different release.
    It had absolutely nothing to do with other sites.

    If you're having an issue with your site, please start a support ticket. Include admincp, ftp , and phpmyadmin information.

    We can help yoou cleanup a mess but we cannot help you make sure your server is 100% sure.

    Make sure you're not running third party addons, there is much more likely a chance that one of those is the cause than vBulletin itself, esp vBulletin 3 due to its age on the market.

    Leave a comment:


  • beishe8
    replied
    Originally posted by EricGT View Post
    Was it just a coincidence that vBulletin's own site was down for some time today, to 'upgrade'?
    Yes, it was just that.
    There was a huge problem with the new editor.

    Leave a comment:


  • EricGT
    replied
    Was it just a coincidence that vBulletin's own site was down for some time today, to 'upgrade'?

    Leave a comment:


  • Zachery
    replied
    Any of your running third party addons? If so lets make a list and see whos running what and what is in common. If it was as big of an exploit to effect 3.8.x I would imagine it goes back far enough.

    Leave a comment:


  • wacnstac
    replied
    This is a serious problem. There have been tons of sites hacked now. Is VB looking into this?

    Leave a comment:


  • EricGT
    replied
    These hackers are back on my site, hacking usertitles and God knows what else, for the second time today. What is going on??? There is obviously a weakness in 3.8.7. What is it? Come one guys, spare us a couple of comments, so that we know what is going on?

    Leave a comment:


  • EricGT
    replied
    Guys, this has been dragging on all day, without a single word from vBulletin. What is going on? This is messing with a lot of people's livelihoods, man. Eric

    Leave a comment:


  • unterschluepfli
    replied
    My forum was hacked, too.
    Beneath the modified index.phps i found a "php/c99"-Backdoor in forumroot/includes/vbf.php

    According to my logs I can imagine the unsafe door could be misc.php

    Leave a comment:


  • HMBeaty
    replied
    Wow....

    Leave a comment:

Related Topics

Collapse

  • TsG XxGHOSTxX
    I need help
    by TsG XxGHOSTxX
    I just signed up for vbulletin. It is used in a lot of gaming communities. I am trying to build my own community and now have enough members to justify building a forum. So I know alot of the clans/gaming...
    Wed 7 Jun '17, 8:25am
Working...
X