vbportal?

  • TommyBALL
    Senior Member
    • Feb 2001
    • 425

    #46
    I've always used Safe Mode to restrict a bunch of seriously dangerous functions.


    But now, in their wisdom, the PHP developers have decided to remove safe mode in PHP 6.0.0


    *sigh*
    - Tommy
    MCP / MCSA / MCSE / MCT
    A few eggs short of a complete easter basket

    vB 4.0.5+ CMS (No hacks), Windows Server 2008 R2 Ent, IIS 7.5, PHP 5.3+ (FastCGI), WinCache, Memcached, MySQL 5.1.45


    • gothic
      Member
      • Apr 2004
      • 45

      #47
      Originally posted by firewire
      I am amazed to see nobody is worried that their email address and password have got into the hands of a hacker...
      As soon as I got the email, and realising what was happening, I made sure I went to all other sites/communities I belong to and changed my password!


      • RobAC
        Senior Member
        • Jan 2001
        • 1414
        • 3.8.x

        #48
        Originally posted by CreedFeed
        You should have agreed to pay the money and obtained their e-gold information and then report them to the authorities...
        You're absolutely right....and they should have come to you for the $20k too.
        Rob


        • smackLAN
          Senior Member
          • Mar 2005
          • 747
          • 3.8.x

          #49
          Really sucks Bill! I'm sure it goes without saying that most in this community are in full support of you and your business! Thanks for sharing the hardening info as I use LiquidWeb as well. They also recommended to me that ModSecurity (Apache addon) be installed.
          Last edited by smackLAN; Thu 27 Jul '06, 4:21am.
          RazorThemes ~ Cutting Edge Designs


          • DebC
            New Member
            • Oct 2003
            • 14

            #50
            A dark day indeed... You guys work way too hard for this. It kills me to know that a lot of these foreign countries are above any laws.

            On the other hand, it's wonderful to see everyone working together to resolve this and prevent any further destruction.

            Oh and "Mrs. Scotmist"...thanks for keeping the coffee on


            • ShadyNight
              Senior Member
              • Dec 2002
              • 222
              • 3.7.x

              #51
              UGH! Can't say I envy you.

              Wish you the best in finding this quickly, no need to lose more sleep than needed eh?


              • centris
                Senior Member
                • Jun 2001
                • 314
                • 3.8.x

                #52
                Hope you get things sorted, Bill/Stuart. Also appreciate any info on how it was done, what we should be checking for on our own servers, and also what country these retards launched the attack from, if known. I already had to block all IP addresses from Brazil once over.


                • barroca
                  Senior Member
                  • Sep 2005
                  • 173
                  • 3.6.x

                  #53
                  what we need to do?

                  hello,
                  I received - and all, by the way - an email with an explanation of vulnerabilities of vB.
                  Really, I feel .... confused.
                  Does this occur only with vbportal installations, or any vB sites ....
                  I hope you give instructions to fix any problem.
                  tks
                  barroca
                  Community vBulletin Brasil & Portugal


                  • SaN-DeeP
                    Senior Member
                    • Dec 2003
                    • 1352
                    • 1.1.x

                    #54
                    I received - and all, by the way - an email with an explanation of vulnerabilities of vB.
                    Can some dev. or vBulletin officials post to this please?
                    TechArena - TechArena Community - Technology News - Tools Download - Tech Video - Gamer Guide - Hardware Review


                    • Zachariah B
                      Senior Member
                      • Feb 2002
                      • 211
                      • 4.0.0

                      #55
                      Scotsmist, Wajones I am always on-line fellas.
                      - Hit me on IM.

                      There is nothing like donating time and resources to put people in prison.
                      Last edited by Zachariah B; Thu 27 Jul '06, 8:11am.
                      http://www.szone.us | http://www.gzhq.net
                      Twitter | Facebook | My:Hacks @ vBulletin.org
                      Member of Kiwanis Club of Chatsworth


                      • barroca
                        Senior Member
                        • Sep 2005
                        • 173
                        • 3.6.x

                        #56
                        don't understand - sorry

                        hello,
                        - Hit me on IM.
                        sorry, but I don't understand this.
                        tks
                        barroca
                        Community vBulletin Brasil & Portugal


                        • Scott MacVicar
                          Former vBulletin Developer
                          • Dec 2000
                          • 13286

                          #57
                          Originally posted by barroca
                          hello,
                          I received - and all, by the way - an email with an explanation of vulnerabilities of vB.
                          Really, I feel .... confused.
                          Does this occur only with vbportal installations, or any vB sites ....
                          I hope you give instructions to fix any problem.
                          tks
                          barroca
                          We are signed up to all the lists you are signed up to, plus a little infiltration into "hacking" groups to keep tabs on what's going on. We investigate every single claim against vBulletin as well as those for other pieces of software that might affect us.

                          The last 4-5 vBulletin "exploits" have been in 3rd party code, non vBulletin related or completely made up.

                          This includes:
                          Being able to "steal" cookies from another site just by linking.
                          SQL Injection to a clearly sanitised field.
                          Being able to insert HTML into the template system :O

                          and so forth...

                          I've looked at the vB Portal code and recommended some changes for them to implement, mainly around the use of user provided data into include / require statements. We only do this on one occasion in vBulletin (payment_gateway.php) but you are forced to use what's in the database and not the user output.

                          If you think you've found something that we've not addressed then post it in the bug tracker and we'll get it looked at.
                          Scott MacVicar

                          My Blog | Twitter
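
The post above says the include target in vBulletin comes from the database rather than from user-supplied data. A sketch of that pattern follows, added here as an example and not vBulletin or vBPortal code; the function name `resolveModule`, the module table and the file names are hypothetical.

```php
<?php
declare(strict_types=1);

// Risky pattern the post warns about (request data flows straight into include):
//     include $_GET['module'] . '.php';

/**
 * Map a request-supplied key to an include path, or return null.
 * $modules stands in for rows read from the application's own database
 * (key => file name); the request value is used only as a lookup key.
 */
function resolveModule(string $key, array $modules, string $baseDir): ?string
{
    if (!array_key_exists($key, $modules)) {
        return null; // unknown key: nothing from the request reaches the filesystem
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $modules[$key]);
    // Defence in depth: the stored name must exist and resolve inside $baseDir.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo data: a temporary module directory and a two-row table.
$dir = sys_get_temp_dir() . '/modules_demo_' . getmypid();
mkdir($dir);
file_put_contents($dir . '/news.php', "<?php // constructed sample module\n");
$modules = ['news' => 'news.php', 'links' => 'links.php']; // links.php is absent

// Constructed sample requests: only the first maps to an existing module.
foreach (['news', 'links', '../config', 'news.php'] as $requested) {
    $file = resolveModule($requested, $modules, $dir);
    echo str_pad($requested, 12), $file === null ? 'rejected' : 'include ' . $file, PHP_EOL;
}

unlink($dir . '/news.php');
rmdir($dir);
```

The caller passes only a non-null return value to `include`, so a request can select among stored entries but never supply a path of its own.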

                          • wajones
                            Senior Member
                            • Jul 2000
                            • 458

                            #58
                            Originally posted by SaN-DeeP
                            Can some dev. or vBulletin officials post to this please?
                            There are no known security issues with vBulletin; this thread is about the vbportal web site being hacked by a low life extortionist. Scott MacVicar has been kind enough to help us identify some issues and we should have a fix out on the vbportal site later this evening.

                            BTW: This intrusion is the same as has been happening all over the web lately, even the Apache web site has been hacked into several times. http://www.apache.org/info/20010519-hack.html There just isn't enough to be said about security. All we can do is keep fighting these people.

                            Sorry Scott, I posted without reading your post and Thank you very much for the help.
                            Last edited by wajones; Thu 27 Jul '06, 8:58am.


                            • Zachariah B
                              Senior Member
                              • Feb 2002
                              • 211
                              • 4.0.0

                              #59
                              Originally posted by barroca
                              hello,

                              sorry, but I don't understand this.
                              tks
                              barroca
                              "Hit me on IM"

                              Contact me via Instant Message - (Yahoo, AIM, ICQ)

                              http://www.szone.us | http://www.gzhq.net
                              Twitter | Facebook | My:Hacks @ vBulletin.org
                              Member of Kiwanis Club of Chatsworth


                              • funpilot
                                New Member
                                • Mar 2005
                                • 18

                                #60
                                Full support

                                As a corporate user of vBulletin and the Portal, I fully support the efforts being made to address these issues. Just make sure we all do full backups ....

