Tweet
Hacked through 3.8.6 flaw, anything else to check?
To the "friendly" hacker who made an Admin account to warn us about the flaw, thank you for doing no damage! As I was on vacation this week, it would otherwise have been until next week that I logged in to find the control panel notice about the patch update.
I have since patched to fix the flaw and verified that no other obvious accounts with admin level access exist. I've also changed admin passwords as a precaution. I've also submitted tickets to my service provider and vBulletin and have taken some other precautions they suggested in case other hackers also got access.
Any other suggestions on things to check that a clever hacker might have done within vBulletin to expose a hole for a future attack? I've checked the vBulletin moderator and control panel logs and found nothing obvious, so hopefully the warning post, report and PM were the extent of all actions taken via the security flaw. But, just to be safe, I'd love to hear any other suggestions to check as I'm certainly no expert in this type of thing. Thanks!
I have since patched to fix the flaw and verified that no other obvious accounts with admin level access exist. I've also changed admin passwords as a precaution. I've also submitted tickets to my service provider and vBulletin and have taken some other precautions they suggested in case other hackers also got access.
Any other suggestions on things to check that a clever hacker might have done within vBulletin to expose a hole for a future attack? I've checked the vBulletin moderator and control panel logs and found nothing obvious, so hopefully the warning post, report and PM were the extent of all actions taken via the security flaw. But, just to be safe, I'd love to hear any other suggestions to check as I'm certainly no expert in this type of thing. Thanks!
Comment