Announcement

Collapse
No announcement yet.

Use Backup from 23.09 after Zero day Exploit?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Use Backup from 23.09 after Zero day Exploit?

    Hello,

    after my Forum Version 5.4.1 get hacked at 26.09 i have delete the Databank and the Forum folder from them FTP. Now i have a Backup from the 23.09 and i have 2 Quetions:

    1. What Data or Folder i have to check in my Backup to be sure that this backup isnt infected?
    2. if nothing is infected, how big is the chance to backup and update to 5.5.4 Level 1 without being hacked again?
    3. is it possible to update or change the Exploit date in the backup before i import it on the server?

    Thank you


  • #2
    1. All of the directories in vBulletin. You should use a new set of vBulletin 5.5.4 Patch Level 1 files in a new directory. Databases generally haven't been affected since vBulletin 5 doesn't store add-on code in the database.
    2. Very Low. Can't give 100% guarantee but this particular vector will be closed.
    3. I have no idea what you mean by this.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API - Full / Mobile
    Vote for your favorite feature requests and the bugs you want to see fixed.

    Comment


    • #3
      Originally posted by Wayne Luke View Post
      1. All of the directories in vBulletin. You should use a new set of vBulletin 5.5.4 Patch Level 1 files in a new directory. Databases generally haven't been affected since vBulletin 5 doesn't store add-on code in the database.
      2. Very Low. Can't give 100% guarantee but this particular vector will be closed.
      3. I have no idea what you mean by this.
      3. i mean, maybe it is possible to fix the exploit in the old Version of VB in my Backup before i upload it to upgrate, so nothing can be happend in the time between uploading and upgrading the version.

      Comment


      • #4
        I suggest that you forget about using the vBulletin files in your backup and just restore the database. Then use a clean set of vBulletin 5.5.4 PL1 files downloaded from the site. Upload those files and run the upgrade script after restoring your database. Uploading a backup over your current files will not resolve anything and you will still be at risk. The reliability of your backup files being unaffected by the hack are less than 5%. I wouldn't risk it.

        If you have your attachments stored in the file system (not the default option), then you should search your attachment directories for PHP, HTML, BAK, and ICO files before uploading them to the server.

        If you have your avatars stored in the file system (not the default option), then you should search your customavatar directory for PHP, HTML, BAK, and ICO files before uploading it to your server.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment


        • #5
          thank you

          look that evrey thing work.

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X