  #76  
Old 17 Nov 2013, 02:01
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Originally Posted by Paul M View Post
Posts edited or removed.

I will repeat one more time, this thread is not for made up nonsense.

Stick to facts, don't go making things up.
Which one is a fact? A single server was hacked as you claim, or servers as the notice from VBulletin claims? Just curious, since my post about others being wrong was considered enough nonsense to remove, but not those calling me paranoid, a conspiracy nut, or any of the others slamming me. Hardly seems impartial.
  #77  
Old 17 Nov 2013, 02:03
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by motorhaven View Post
Which one is a fact? A single server was hacked as you claim, or servers as the notice from VBulletin claims? Just curious, since my post about others being wrong was considered enough nonsense to remove, but not those calling me paranoid, a conspiracy nut, or any of the others slamming me. Hardly seems impartial.
Post #70 was edited by Paul, a post of mine was deleted....

You never answered my questions. Have you bought their "patch?" If not, why are you promoting it?
  #78  
Old 17 Nov 2013, 02:14
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
Originally Posted by hugh_ View Post
Was this an SQL injection and not a hack or vulnerability?
They broke into an old stage server, mainly used by QA for test installs of vB4 & vB5.
It's not known exactly how, but at one point there were in the region of 100 old installs on it, so any one of them could have been used.

The best guess from evidence is that they hacked it sometime in late summer, and at some point between then and early October they uploaded adminer.
They then appear to have cracked a mysql user password for the Live DB server, and used it (via adminer) to read the vb.com and vb.org user tables.

After that it appears they moved on (they deleted adminer). Nothing was known about this until their facebook post the other day.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
  #79  
Old 17 Nov 2013, 02:16
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Originally Posted by Max Taxable View Post
I never saw that... I saw dummied up screenshots I could make for ya, to show anything I wanted you to see.

There was nothing at all about vB dot org in any of it.
VBulletin has acknowledged in the email they sent that systemS were hacked. In light of this admission by VB the cracker's screenshots have credibility. Apparently credible enough for VBulletin.ORG to require everyone to change their password when logging in.

Last edited by motorhaven; 17 Nov 2013 at 02:25.
  #80  
Old 17 Nov 2013, 02:25
hugh_ hugh_ is offline
 
Join Date: Mar 2005
Originally Posted by Paul M View Post
They broke into an old stage server, mainly used by QA for test installs of vB4 & vB5.
It's not known exactly how, but at one point there were in the region of 100 old installs on it, so any one of them could have been used.

The best guess from evidence is that they hacked it sometime in late summer, and at some point between then and early October they uploaded adminer.
They then appear to have cracked a mysql user password for the Live DB server, and used it (via adminer) to read the vb.com and vb.org user tables.

After that it appears they moved on (they deleted adminer). Nothing was known about this until their facebook post the other day.
Thanks for the clarification Paul.
  #81  
Old 17 Nov 2013, 02:25
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Originally Posted by Max Taxable View Post
Post #70 was edited by Paul, a post of mine was deleted....

You never answered my questions. Have you bought their "patch?" If not, why are you promoting it?
No, I bought nothing from them. Not once have I promoted anything, where in the world did you get that from?

I posted here because the hack was mentioned on another site, Paul M. knew about it there, and yet even after this there was silence from VB com/org. I posted to bring it to light, in part because the last time VB stalled on getting the word out about hacks thousands of VBulletin based sites got hacked.

Paul M. acknowledged the hackers gained access to vb.org's database. That makes you wrong.
  #82  
Old 17 Nov 2013, 02:27
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
Enough of the bickering, this is not the school playground.

I have made it quite clear what is known.
If you have genuine, sensible, questions to ask, or things to say you are welcome, any more childish arguments and untruths will be removed.
  #83  
Old 17 Nov 2013, 02:49
TheLastSuperman TheLastSuperman is offline
 
Join Date: Sep 2008
Real name: Michael Miller Jr
Originally Posted by motorhaven View Post
Welcome to I was right.

Had you followed all the resources out there about it you'd have seen there was more than just screen shots. But you and others were too busy looking to defend VB rather than following and reading everything at the resources, such as the long thread over at Mac Rumors where there was plenty of info.

The right thing was not IB employees initially taking the Baghdad Bob role.
No you were not right, mistaken possibly... while assuming too much it seems.

Originally Posted by motorhaven View Post
The screen shots the script kiddie provided show the VB.org database in the list.
Well now a plain run of the mill fashion script kiddie could not do this, it was someone w/ knowledge and expertise enough to know where to look and what to look for and how to "dig" for it.

Originally Posted by motorhaven View Post
Which one is a fact? A single server was hacked as you claim, or servers as the notice from VBulletin claims? Just curious, since my post about others being wrong was considered enough nonsense to remove, but not those calling me paranoid, a conspiracy nut, or any of the others slamming me. Hardly seems impartial.
The reason why is you're spreading rumors and paranoia around like wildfire which is causing panic if nothing else. Paul said a QA server was hacked, it had around 100 variations of old installs/database copies on it for testing purposes so therefore it was best for vbulletin.com and vbulletin.org to have us all change our passwords.

Until we all know more let's try and be civil, sorry if I came across wrong initially motorhaven but my points are still valid i.e. you only know of this because of what you've read and you're not Paul nor anyone else on staff at vbulletin.com so you didn't know "for sure" at time of posting.
__________________
Daddy Does Dios and Figs!
https://www.linkedin.com/in/thelastsuperman

Search - Use the search feature to find similar issues/answers.
Information - Include screenshots, copy/pasted error codes, url etc.
Fixed - Please return to your thread/post and let us know how it was fixed!
Thanks - For participating! Click the "Like" on a post if someone helped you!
  #84  
Old 17 Nov 2013, 02:55
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
I changed my password here almost immediately (better safe than sorry!) yet when I logged in today I get told my password is more than 100 days old??

Is this normal behaviour Paul with this version of vb when password change is forced?

Last question, did or could the hacker have gotten our customer numbers and license numbers?
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #85  
Old 17 Nov 2013, 04:39
TNCclubman TNCclubman is offline
 
Join Date: Sep 2008
In Canada we have laws where companies must immediately disclose they got hacked. Do you guys not have that down there in the states? Seems like people are scared to put out an official declaration of what happened that can be verified by an audit by law punishable by jail or fines if lying.
  #86  
Old 17 Nov 2013, 04:45
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Originally Posted by TNCclubman View Post
In Canada we have laws where companies must immediately disclose they got hacked. Do you guys not have that down there in the states? Seems like people are scared to put out an official declaration of what happened that can be verified by an audit by law punishable by jail or fines if lying.
Many states have disclosure laws. California, where IB is based, does: SB 1386
  #87  
Old 17 Nov 2013, 05:38
Digital Jedi Digital Jedi is offline
 
Join Date: Oct 2006
Real name: Mark Daniel Martinez
Originally Posted by motorhaven View Post
Welcome to I was right.
Dude, you were epically wrong. All you knew was what they said. And what they said turned out to (surprise) not be entirely true. You even had the order of events all wrong.


Originally Posted by motorhaven View Post
Many states have disclosure laws. California, where IB is based, does: SB 1386
Here's the thing. You found out about it the same day vB found out about it. Then asked why the silence. You didn't even give them a day to do basic research to find out if it was even true or actionable. This is why you got jumped on by the rest of us. We like a little proof with our outrage. And low-fat creamer.
  #88  
Old 17 Nov 2013, 07:36
DoubleGlasses DoubleGlasses is offline
 
Join Date: May 2008
So I have a question - is your account on vbulletin.com the same as your account on vbulletin.com/forum?

Because now I'm not even sure I have an account on vbulletin.com/forum - especially since I can't retrieve it...
  #89  
Old 17 Nov 2013, 08:14
AndrewSimm AndrewSimm is offline
 
Join Date: Sep 2006
Originally Posted by DoubleGlasses View Post
So I have a question - is your account on vbulletin.com the same as your account on vbulletin.com/forum?

Because now I'm not even sure I have an account on vbulletin.com/forum - especially since I can't retrieve it...
No, it is different and I would assume in a different database altogether, but I don't know about the last part.
  #90  
Old 17 Nov 2013, 08:27
Digital Jedi Digital Jedi is offline
 
Join Date: Oct 2006
Real name: Mark Daniel Martinez
Originally Posted by DoubleGlasses View Post
So I have a question - is your account on vbulletin.com the same as your account on vbulletin.com/forum?

Because now I'm not even sure I have an account on vbulletin.com/forum - especially since I can't retrieve it...
Paul already clarified this earlier in the thread.

Originally Posted by Paul M View Post
Not really sure what financial information you mean.

All the log files that were examined do not show any attempted access of customer data in the support system, they basically targeted the vb user table.
So, no. They're two different accounts.