is this "chat od" thing an infection or did you do it on purpose?

b.d.d. · Jan 1, 2014

i click links to threads and it sends me to a spam site.

edit: see below

dmoney101 · Jan 2, 2014

that's what we all wanna know

b.d.d. · Jan 2, 2014

dmoney101;573968 said:
that's what we all wanna know

its an exploit. If you need help fixing it let me know, I've ran big boards before. Here is info

found this searching..

"Finally fixed it. The attacker has just took out the wot.php by injecting code to the startup plugin hook of vBulletin. I'm wondering how he could do that... Was it a vBulletin security breach? Or even he found an insecure code by me? It would be great if the attacker would tell me "

need to make sure the install directory is deleted, edit out the code, look in the plugins for any plugins with weird names/edits.

look at your "admins" usergroup>primary users and i bet you have one you didnt add... delete him.

"Just a notice to all affected users - delete your /install/ directory!

The "hack" self is sitting in the Pluginsystem, a plugin called "vBulletin" in the "init_startup" hook.
Check also for a user "abdou" who has assigned the Administrators group."

it will be in the "plugins manager", not the "manage products" section, probably right at top.

b.d.d. · Jan 2, 2014

there is also a scan file you can run from installing off ftp, not in the vbulletin system. it will list all the edited files, look for any you didnt add and then delete them via ftp. ill try to find the file

b.d.d. · Jan 2, 2014

HTML:

blwwwwww

^^^
the other error (;ine 389 on new posts) is due to html being turned on in the forum which is a bad thing to do in general because people can hijack your forum. there is an error tracker on VB for this problem but if you turn off html it shoudl fix it or..
didnt read this because i wasnt logged in but here is the bug, they say scroll down and ther is a fix i take it.

http://tracker.vbulletin.com/browse/VBIV-15858

on the thread they posted this (this is about newreply.php)

Code:

Find:

$newpost['htmlstate'] = array_pop($array = array_keys(fetch_htmlchecked($vbulletin->GPC['htmlstate'])));

Replace by:

$htmlstate = fetch_htmlchecked($vbulletin->GPC['htmlstate']); $array = array_keys($htmlstate); $newpost['htmlstate'] = array_pop($array);

or

Add the following line to your config.php under the <?php line:

Code:

define('SKIP_ALL_ERRORS', true);

b.d.d. · Jan 2, 2014

to use the tools.php file, upload the install folder (pretty sure this has to be present to run tools.php), then upload tools.php, run it and do a file check. when you are done...delete that shit!

http://www.ehow.com/how_12229310_use-vbulletin-tools-php-file.html

dmoney101 · Jan 2, 2014

I don't run the forum so i can't do shit about it

huge-girth · Jul 23, 2023

We rarely get attacked these days. All thanks to the people working behind the scene.

49-er · Jul 23, 2023

🙏

DLD · Jul 23, 2023

huge-girth said:
We rarely get attacked these days. All thanks to the people working behind the scene.

We have a great group of men doing an incredible job

huge-girth · Jul 25, 2023

DLD said:
We have a great group of men doing an incredible job

This good for the brotherhood.

DLD · Jul 25, 2023

Grow grow grow!!!!

squirt_inducer_man · Jul 25, 2023

DLD said:
Grow grow grow!!!!

As fast as possible.

is this "chat od" thing an infection or did you do it on purpose?

b.d.d.

0

dmoney101

1

b.d.d.

0

b.d.d.

0

b.d.d.

0

b.d.d.

0

dmoney101

1

huge-girth

Moderator

49-er

Active Member

DLD

doublelongdaddy

huge-girth

Moderator

DLD

doublelongdaddy

squirt_inducer_man

Also called: SIM

Similar threads