Possible hack

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • donald1234
    Senior Member
    • Oct 2011
    • 1953
    • 4.1.x

    [Forum] Possible hack

    Hi, I have vbulletin 4.1.7 and am new and a bit nieve. I had a problem that I posted here and someone registered on my forum and helped me with my problem via pm, he then said that he was having problems with uploading his avatar and asked me to enable avatar uploading in member groups registered user, then my server installed new security patch and this morning he came back and asked me to change avatar pixel size from 80x80 to 100x100 in user groups registered user, he also asked me to raise pm limit to 100 which I did. I became suspicious and I ran a suspects file versions test in diagnostics, most of the files get a tick but these two worry me, or is this just the file that has been patched?:-

    socialgroupmessage.php File does not contain expected contents

    upgrade.php File not found

    Can anyone advise. Thank you.

    Just to add there are no actual problems with the running of the forum that I know about.
    Last edited by donald1234; Fri 4 Nov '11, 9:39am.
  • Troy Roberts
    Senior Member
    • May 2000
    • 339

    #2
    The actions your user asked you to perform appear to be simply requests to make your forum have have more/expanded features for regular users. They were not malicious.

    The security patch that you had installed modified the socialgroupmessage.php file. I assume that is why it was flagged but will test on my own system to verify.

    upgrade.php is used during the upgrade process and deleted after it is complete. Do not worry about it missing.

    It looks to me like everything is just fine with your forum.

    Comment

    • Riasat
      Senior Member
      • Aug 2006
      • 4013

      #3
      That php file was patched and this is why it is appears in that way. If you run the upgrade.php again, it should fix this issue.
      as for upgrade.php being missing, you probably removed it yourself after installation.

      None of his requests contain anything unusual.

      Comment

      • donald1234
        Senior Member
        • Oct 2011
        • 1953
        • 4.1.x

        #4
        Hi, thanks for the reassurance, it was the server that installed the security patch, I am not much good at that.

        Comment

        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
        Working...