Announcement

Collapse
No announcement yet.

Exploit in vbulletin!!!Urgent!!!

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    [Forum] Exploit in vbulletin!!!Urgent!!!

    hi,have your member and would like to report a website hacker who found an exploit on vbulletin.Please report it to technical support.It's urgent

    vBulletin 3.x/4.x/5.x (product => quick_replay) remote SQL Injection PHP exploit








    Exploit fetch sensitive information for target, this blind injection present in module that about 130 page in google of vulnerable sites used this module




    Is very hacking site.Please close this site.
    Report it to technical support.It's urgent!!!
    Last edited by Wayne Luke; Sat 1 Dec '12, 8:25am.
    Tags: None
  • #2
    We've been made aware of the exploit, at this time the person who created the exploit is charging close to 1000 dollars for it. Without any POC or affected sites to check, there is nothing we can do at this time.

    If anyone has any additional information about the exploit, its POC, or how to patch it, we'll gladly take their information to patch the software.

    Comment

    • #3
      I think they have it on sale for $400.


      People need to check their error logs.

      Comment

      • #4
        Ummmm... whether it's $400 or $1000, wouldn't it make sense for vBulletin to buy it, identify the exploit, and patch it rather than wait for all your customers to get hacked and then react? Surprised a company as large as IB would even comment on the fact that it costs $1000 so you can't do anything right now. In my opinion, that seems somewhat irresponsible, especially when it amounts to the price of a few 1-year vBulletin licenses.

        Anyone else agree?

        *sigh*

        Comment

        • #5
          No, I don't agree. Nobody with any business sense would agree to be extorted to answer a question which will eventually be answered in any case.

          Comment

          • #6
            Trust me,... vb will find and fix the exploit.

            $1k is not much to spend for protecting their premier product line.

            Probably already done with a patch being built as I type.

            Bet on it.

            Comment

            • #7
              Sure vB.com will release patch soon! why should we spend extra money to safeguard our site, its not free script anyway.

              Comment

              • #8
                We'll investigate but we'll not stoop to paying blackmail. Any such costs of the blackmail will almost always be passed on the customer.

                However, we are looking into the allegations and so far we haven't found anything viable. If we do, we will let you know.
                Translations provided by Google.

                Wayne Luke
                The Rabid Badger - a vBulletin Cloud demonstration site.
                vBulletin 5 API

                Comment

                • #9
                  Someone forwarded the code from the first exploit and it does not work on a default installation of vBulletin 3 or 4. vBulletin 5 does not have a showthread.php file which is what the exploit reportedly gains access through.
                  Translations provided by Google.

                  Wayne Luke
                  The Rabid Badger - a vBulletin Cloud demonstration site.
                  vBulletin 5 API

                  Comment

                  • #10
                    Originally posted by Wayne Luke View Post
                    We'll investigate but we'll not stoop to paying blackmail. Any such costs of the blackmail will almost always be passed on the customer.
                    At first I was worried about my production sites going offline. Now I have to worry about costs being forwarded to me the customer.

                    lol

                    You don't disappoint me often vBulletin, but I applaud you for this response.

                    Comment

                    • #11
                      Originally posted by niceguy2010 View Post
                      At first I was worried about my production sites going offline. Now I have to worry about costs being forwarded to me the customer.

                      lol

                      You don't disappoint me often vBulletin, but I applaud you for this response.
                      Why pay when there is no proof that this is real? You are trusting some moron on the internet who 'claims' to have hacked VB. Why on earth would someone pony up the cash to 'see' if it is for real? I could create screenshots just like those in Photoshop in 10 minutes.

                      I suddenly have an idea for extra Christmas money.... Be back in 10 minutes!

                      -Jason
                      sigpic

                      Comment

                      • #12
                        well my vBulletin site got hacked today. I'm no expert but the seemed to have changed something in the js folder. I replaced that, and a few other folders as well as all the vBulletin files and it's back online. i'm upgrading to V5.0

                        Comment

                        • #13
                          Upgrading the vB5 won't necessarily resolve your issue. You might want to check access and error logs
                          http://www.unrealkillers.com | unrealtournament 1999 | siege | combogib | bunnytrack | instagib ctf

                          Comment

                          • #14
                            Originally posted by Warbirdz View Post
                            well my vBulletin site got hacked today. I'm no expert but the seemed to have changed something in the js folder. I replaced that, and a few other folders as well as all the vBulletin files and it's back online. i'm upgrading to V5.0
                            There are no known expoits in vBulletin 4.2.0 or 4.1.12 and upgrading a production site to vB5 is not advisable as it is in beta.

                            Please review THIS thread for advice on securing your installation, and check your access logs for any suspect activity. You need to establish how the attacker gained access, it will almost certainly have been either via a modification, via the server, or via weak passwords.

                            If you need further assistance please start your own thread with full details of the problem.
                            MARK.B | vBULLETIN SUPPORT

                            TalkNewsUK - My vBulletin 5.6.4 Demo
                            AdminAmmo - My Cloud Demo

                            Comment

                            • #15
                              We've received a copy of one of the supposed "exploits" it doesn't do anything. Looks like a fishing scam for money.

                              Comment

                              Previous 1 2 template Next
                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...
                              X