New vB exploit

Status
Not open for further replies.
It seems a fake:

Someone forwarded the code from the first exploit and it does not work on a default installation of vBulletin 3 or 4. vBulletin 5 does not have a showthread.php file which is what the exploit reportedly gains access through.
Click to expand...
 
ManagerJosh said:
Both vBulletin 3, and vBulletin 4 have uniquely salted hashed passwords.
Click to expand...
That's probably not the answer anyone wanted to hear. :)

On the lines of sql injection. My v3 site was hacked a couple weeks ago.
Someone on vB sent be a PM suggesting which addon it was. I don't think it was that addon since another site was hacked using a similar method not having the same addon.

They managed to add a script that added 3 adsense banner ads to my header template with their pub id.
I'd delete it and a cron job would reinstall it.
I had to clean up my datastore and pluginlist table.
It would have gone unnoticed for a month except for the fact that I only have 1 banner ad and now 3.
They also changed one of my php files. :(
 
Banana Pup said:
incoming vB fan boys.. oh wait, they are already in the thread.
Click to expand...
Not at all.
I thought the OP was informative since I don't frequent vb.com that much.
Whether it was meant to be informative or the point was to bash vB once again, I won't make a judgement.
But these threads serve no purpose other than to bash vB.
I guess if it makes everyone feel good, so be it.

Don't get me wrong. I hope the lawsuit will be a thing of the past and we all can move on with xf.
 
Banana Pup said:
incoming vB fan boys.. oh wait, they are already in the thread.
Click to expand...

Yeah, I had a chuckle about that one.....I never needlessly bash anyone, but considering what IB has been doing which affects me and actually millions (the wiki thing, XF thing, etc.)...IF I was going to bash, I would feel quite right about using them as a target!
;)

This world is full of forgiveness. Anytime they decide to, they can rejoin the ranks of all the people and companies making the world a better place through the internet. But it ain't gonna happen with their game of faux monopoly.
 
Banana Pup said:
incoming vB fan boys.. oh wait, they are already in the thread.
Click to expand...

Yes, right there with the IB haters who jumped in after about three posts, with the usual anti vB / IB nonsense. ;)


Oh, btw, just getting back to the actual topic for a second, the so called "exploit" fails to do anything on a default vB3/4/5 forum.
 
Paul M said:
Yes, right there with the IB haters who jumped in after about three posts, with the usual anti vB / IB nonsense. ;)


Oh, btw, just getting back to the actual topic for a second, the so called "exploit" fails to do anything on a default vB3/4/5 forum.
Click to expand...
Two pages too late. :)
 
Status
Not open for further replies.

Similar threads

JoshyPHP
XF 2.3 Making it easier to release a new version of an add-on
Replies
0
Views
37
JoshyPHP
JoshyPHP
R
XF 2.3 /whats-new/posts/ - Mainnavi WhatsNew / Forum
Replies
3
Views
60
Kirby
K
Taylor J
XF 2.3 Class extension issues for new ThreadType
Replies
3
Views
72
Taylor J
Taylor J
pegasus
Fixed New URL romanization options do not enforce intl extension properly
Replies
6
Views
314
XF Bug Bot
XF Bug Bot
Mr Lucky
Permissions to View thread but not thread content - not applied to new post list
Replies
5
Views
66
Mr Lucky
Mr Lucky
Back
Top Bottom