Announcement

Collapse
No announcement yet.

Known Exploit Warning Question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Originally posted by holymannn View Post
    should I delete vb5.php and runtime.php?

    Click image for larger version Name:	EB74D382-19EA-4456-8F01-6433D6D6535C.jpeg Views:	0 Size:	41.1 KB ID:	4445341
    You should asap turn off your server, since its not done with this files. If they can put files in your directory - they can put files elsewhere. You have been hacked, deleting 2 files wont fix that. Good luck.
    Paul M. 14.12.2012: You already know vB4 isnt being worked on atm, so of course no bugs are going to have been fixed in the last few months, nor are they going to get fixed "now".

    Comment


    • holymannn
      holymannn commented
      Editing a comment
      the files were placed before i updated the security patch. will i get hack again after the security patch?

  • #32
    Is it necessary to delete the runtime.php file? It tells me that the content is not as expected.

    Comment


    • #33
      w4tchm4n, Niktator

      If you look at the patch file (5.6.2 PL1) contents being applied, it shows the following two files being added:

      /core/includes/version_vbulletin.php
      /includes/vb5/template/runtime.php

      So runtime.php is definitely part of the patch.

      When I run AdminCP > Maintainence > Diagnostics > Suspect File Versions

      On my system it also marks runtime.php as not being part of the install. My guess is this file hasn't yet been included in the md5_sums_vbulletin.php, the checksum file vBulletin uses to confirm the files installed (at least I think this is the purpose of this file, to validate).

      I don't see a vb5.php as part of my install so this file may be a file left over from a past vBulletin install (if you don't clear out old files every time) or perhaps something to be concerned about.

      Tech support will have to answer your question for certain.

      Aly

      Comment


      • #34
        Originally posted by AlyGreen View Post
        w4tchm4n, Niktator

        If you look at the patch file (5.6.2 PL1) contents being applied, it shows the following two files being added:

        /core/includes/version_vbulletin.php
        /includes/vb5/template/runtime.php

        So runtime.php is definitely part of the patch.

        When I run AdminCP > Maintainence > Diagnostics > Suspect File Versions

        On my system it also marks runtime.php as not being part of the install. My guess is this file hasn't yet been included in the md5_sums_vbulletin.php, the checksum file vBulletin uses to confirm the files installed (at least I think this is the purpose of this file, to validate).

        I don't see a vb5.php as part of my install so this file may be a file left over from a past vBulletin install (if you don't clear out old files every time) or perhaps something to be concerned about.

        Tech support will have to answer your question for certain.

        Aly
        Thanks you so much.

        Comment


        • #35
          Originally posted by w4term4n View Post
          Is it necessary to delete the runtime.php file? It tells me that the content is not as expected.
          After applying the patch, the file will not contain the expected contents.

          You have not updated the checksum file since you installed the current version you're on. This file is not dynamic. It is created when you download the software.
          Translations provided by Google.

          Wayne Luke
          The Rabid Badger - a vBulletin Cloud demonstration site.
          vBulletin 5 API - Full / Mobile
          Vote for your favorite feature requests and the bugs you want to see fixed.

          Comment


          • #36
            Originally posted by holymannn View Post
            should I delete vb5.php and runtime.php?

            Click image for larger version Name:	EB74D382-19EA-4456-8F01-6433D6D6535C.jpeg Views:	0 Size:	41.1 KB ID:	4445341
            There is no vb5.php file.

            I recommend uploading a fresh copy of files for your version from the Member's Area and then running the suspect file diagnostics. Any file not listed as part of vBulletin should be removed. If you have non-vBulletin files on the server then you will need to inspect them to make sure they haven't been tampered with.
            Translations provided by Google.

            Wayne Luke
            The Rabid Badger - a vBulletin Cloud demonstration site.
            vBulletin 5 API - Full / Mobile
            Vote for your favorite feature requests and the bugs you want to see fixed.

            Comment

            Related Topics

            Collapse

            Working...
            X