Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 19 Nov 2006, 08:08
michaelsilvia michaelsilvia is offline
 
Join Date: Jul 2005
Have Flash Chat integrated? BE ADVISED!!!

Guys I had Flash Chat installed on one of my forums. I was hacked through the flash chat and they go into my config file. How do I know? Because I talked to the hackers! They are a group of Turkish hackers that took down my site. They stated that there is a major security hole in Flash Chat that let them into my config file. They didn't speak the best English but they stated there was some "aedating" file they got into.

I am not a programmer! I am just warning everyone. I will post this in the Flash Chat forum. I am assuming they got in through the vB bridge, but am not sure. I love Flash Chat it is a shame I had to remove it because my members love it.

Anyone else get hacked?

Mike
Reply With Quote
  #2  
Old 19 Nov 2006, 11:22
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
You should never assume anything.

That's an old and well known exploit (the aedating CMS files).

It has nothing to do with vb integration, and was fixed almost three months ago in Flashchat version 4.6.2.

Also, it can only be used if you have register globals enabled in php, which is another well known security issue that your host should fix.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 09:44.

Layout Options | Width: Wide Color: