Vbulletin exploit?

**Gwendolin** · Thu 16 Feb '12, 3:32am

Hello, have you found a fix for that?

I have the same problem and sometimes uploaded images are not uploaded and show on post the IMG code as data:image

I found this wrong upload img on an older thread on vb-germany too: in the archive you can see the code:

404 Not Found

http://www.vbulletin-germany.com/forum/archive/index.php/t-40756.html

Originally posted by nerofix

http://www.vbulletin-germany.com/forum/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAOCAYAAAA8E3wEAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH1QUUDyoqJjAqRwAAAN1JREFUOMu1lMkVwyAMBYe0JG pCNUFNVk3k4AUwxPGS+ILxkzX8jyTH/Sfu9nrmJ3cXlnMASyWRPwd2d5XlHCBZn1BthcbRAdxTZQDI8k3mQzg11rhF+QZ9jdNOcQib6GFQYJYgCFucSRf6GsL U6wEY5yubTFqF2yq1vRwr3INXdQUWG+je1pELX4ED1wDyRAR0WfuAA9gloIT yvsFMIMgYInYRqF6rO9Sqz9qkO5ilyo0o3YBwJ+6vrdQonxWUQllhXeHcb/wabMPkP2n81ocAIoLZrMqn/4y2RwP8DcQ+d6rT9ATiAAAAAElFTkSuQmCC

But on the forum there is no image.

Which larger textfiles the browser crashes.

**meissen** · Sun 1 Apr '12, 4:44am

Curious if there was ever an answer to this - I've had it happen on my vb 4.1.x site a handful of times.

**vijayninel** · Mon 23 Apr '12, 3:32am

The same thing is happening to my forum. A white page appears where ever this is posted. Can anyone explain a solution to this?

**Maurd** · Mon 23 Apr '12, 4:11am

data URI scheme - Wikipedia

http://en.wikipedia.org/wiki/Data_URI_scheme

It means that someone is just innocently copy/pasting an image that was originally embedded as a Data URI.. Embedding small images in this manner is very common in web design since it spares an extra resource pull.

For example as posted above:

Originally posted by nerofix

http://www.vbulletin-germany.com/forum/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAOCAYAAAA8E3wEAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH1QUUDyoqJjAqRwAAAN1JREFUOMu1lMkVwyAMBYe0JG %20pCNUFNVk3k4AUwxPGS+ILxkzX8jyTH/Sfu9nrmJ3cXlnMASyWRPwd2d5XlHCBZn1BthcbRAdxTZQDI8k3mQzg11rhF+QZ9jdNOcQib6GFQYJYgCFucSRf6GsL %20U6wEY5yubTFqF2yq1vRwr3INXdQUWG+je1pELX4ED1wDyRAR0WfuAA9gloIT%20yvsFMIMgYInYRqF6rO9Sqz9q kO5ilyo0o3YBwJ+6vrdQonxWUQllhXeHcb/wabMPkP2n81ocAIoLZrMqn/4y2RwP8DcQ+d6rT9ATiAAAAAElFTkSuQmCC

^^ That is the babelfish icon, which I would guess came when someone copy/pasted a translation.

Not sure why your browser would crash, it *should* just cause the broken image icon.

**meissen** · Mon 23 Apr '12, 5:17am

I've confirmed that it is in fact occurring when people paste an image from their clipboard directly into the editor box. The problem is that in most cases the image code is huge since people are usually posting high res images. Definitely seems like it's a bug - it shouldn't be allowing people to paste an image directly into the editor like that, it should be parsed as a [img]url[/img].

**MikesSite** · Mon 23 Apr '12, 8:06am

Unfortunately I think you are wrong...You may want to look into this: https://www.vbulletin.com/forum/show...88#post2185388

I don't think this is happening because someone is copy-pasting an image, I believe it's because your forum is compromised / hacked.

**Maurd** · Mon 23 Apr '12, 8:08am

Originally posted by MikesSite

Unfortunately I think you are wrong...You may want to look into this: http://www.theadminzone.com/forums/s...2&postcount=81

Actually, I think you might want to look at that. Maybe even read it twice.

**MikesSite** · Mon 23 Apr '12, 8:15am

Originally posted by Maurd

Actually, I think you might want to look at that. Maybe even read it twice.

Look at what? I have already read it more than twice. I have seen this exact issue happen multiple times on different forums. All were hacked / compromised. I could be wrong but it's just my 2 cents. Something to look into.

**meissen** · Mon 23 Apr '12, 6:06pm

The only thing I found with % wildcard in the connection privileges is for the default test\_% but Grant is set to No.

**vijayninel** · Sat 19 May '12, 12:04am

Originally posted by meissen

I've confirmed that it is in fact occurring when people paste an image from their clipboard directly into the editor box. The problem is that in most cases the image code is huge since people are usually posting high res images. Definitely seems like it's a bug - it shouldn't be allowing people to paste an image directly into the editor like that, it should be parsed as a [img]url[/img].

I can confirm this ... is there any solution to the issue?

**Infopro** · Sat 19 May '12, 4:39am

Originally posted by vijayninel

I can confirm this ... is there any solution to the issue?

Are you able to duplicate this right here on this forum?

**meissen** · Sun 20 May '12, 6:42am

edit: Of course not - it gets parsed as an image like it should...

**vijayninel** · Sun 20 May '12, 11:44am

Originally posted by Infopro

Are you able to duplicate this right here on this forum?

No it is happening on my forum.

vBulletin 3 End of Life

Vbulletin exploit?

Vbulletin exploit?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment