Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 09 Mar 2012, 01:46
DJ-Dez DJ-Dez is offline
 
Join Date: Jun 2010
vB Exploit

Hey,

Thinking vb3 has an exploit. All my users got moved into admin (I'm the only admin, locked admincp, moved it etc), tried shelling it with a gif.pp file, .htaccess blocked php so they couldn't get it, after that, all users were admin.

no idea why, any ideas of exploits? i had hooks enabled (so had no plugins running, in fact no plugin files were on, default vbull)

path level 2, 3.8.7 - cheers!
Reply With Quote
  #2  
Old 09 Mar 2012, 02:23
Fluke667 Fluke667 is offline
 
Join Date: Feb 2007
your server not secure?

your url?
Reply With Quote
  #3  
Old 09 Mar 2012, 06:16
IRANCITY's Avatar
IRANCITY IRANCITY is offline
 
Join Date: Nov 2007
i can give u a seacure VPS and secure your vbulletin
call me
Reply With Quote
  #4  
Old 09 Mar 2012, 10:45
MikkieWheeler MikkieWheeler is offline
 
Join Date: Jan 2012
Close the site or get better security.
Reply With Quote
  #5  
Old 09 Mar 2012, 18:30
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Real name: Lynne
Have you gone through your access_logs to how they got in?
__________________
Former vBulletin.org Staff Member

Try a search before posting for help. Many users won't, and don't, help if the question has been answered several times before.
W3Schools -
Online vBulletin Manual
If I post some CSS and don't say where it goes, put it in the additional.css template.
I will NOT help via PM (you will be directed to post in the forums for help.)
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 06:07.

Layout Options | Width: Wide Color: