Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 4 123 ... LastLast
Results 1 to 15 of 58
  1. #1
    WA
    WA is offline
    Administrator
    Join Date
    Mar 2002
    Posts
    2,596
    Thanks
    2
    Thanked 19 Times in 18 Posts

    CF was hacked this morning

    Early this morning CodingForums was hacked, specifically, the vBulletin software. The hacker added himself as an admin user, and carried out a few tasks such as email all forum members letting them know about it. The user gained entry through a vulnerability in vBulletin, as we weren't using the latest version.

    I've been working with our host and believe everything should be back to normal now. The way member passwords are stored, the hacker should not have access to them. FYI having access to an account is different than knowing its password, due to the way vBulletin stores the passwords. Better safe than sorry however, so I urge everyone to go into the USER CP and change their password.
    Usually I'm very cautious when it comes to security, but this time laziness got the best of me as I left the vBulletin software unpatched for a while. Sorry about the downtime, and let me know if you experience any problems.
    Last edited by WA; 11-29-2007 at 03:17 PM.
    - George
    - JavaScript Kit- JavaScript tutorials and 400+ scripts!
    - JavaScript Reference- JavaScript reference you can relate to.

  • #2
    Master Coder
    Join Date
    Apr 2003
    Location
    in my house
    Posts
    5,211
    Thanks
    39
    Thanked 201 Times in 197 Posts
    There's a word for people like that!!

    It's working better now but I find that the main index isn't presenting correctly in FF. It's as though the tables of forums needs the clear : all attricute added as the grey adverts immediately above it, push it to the right - off the screen.

    XP(1024x768)FF 2.0.0.10

    bazz

  • #3
    WA
    WA is offline
    Administrator
    Join Date
    Mar 2002
    Posts
    2,596
    Thanks
    2
    Thanked 19 Times in 18 Posts
    It's as though the tables of forums needs the clear
    That was it exactly, thanks. Yep, real pain in the ***, having to stay awake the entire night to take care of this.
    - George
    - JavaScript Kit- JavaScript tutorials and 400+ scripts!
    - JavaScript Reference- JavaScript reference you can relate to.

  • #4
    Master Coder
    Join Date
    Apr 2003
    Location
    in my house
    Posts
    5,211
    Thanks
    39
    Thanked 201 Times in 197 Posts
    if your still awake, can you find out why I can't edit a post in the MYSQL forum. maybe a mod can delete it. it's called 5th attempt to post - test.

    Whilst i was able to post, I havenlt been able to edit it with a real message.

    no rush - sleep is necessary lol.

    bazz

  • #5
    WA
    WA is offline
    Administrator
    Join Date
    Mar 2002
    Posts
    2,596
    Thanks
    2
    Thanked 19 Times in 18 Posts
    Hmm what happens when you try to edit your thread, by clicking on the "Edit" icon? I tried logging in using a test account, and was able to post then edit a test thread.
    - George
    - JavaScript Kit- JavaScript tutorials and 400+ scripts!
    - JavaScript Reference- JavaScript reference you can relate to.

  • #6
    Master Coder
    Join Date
    Apr 2003
    Location
    in my house
    Posts
    5,211
    Thanks
    39
    Thanked 201 Times in 197 Posts
    I tried again to post a new thread and got this.

    [big letters] Not Acceptable [/big letters]

    An appropriate representation of the requested resource /newthread.php could not be found on this server.

    Apache/1.3.37 Server at www.codingforums.com Port 80

    I tried to edit the message and got this:

    [Big Letters]Not Acceptable[/Big Letters]
    An appropriate representation of the requested resource /editpost.php could not be found on this server.

    Apache/1.3.37 Server at www.codingforums.com Port 80



    So I can't edit the last 'test' message I wrote.

    bazz

    Strangely, I can edit this message OK.
    Last edited by bazz; 11-29-2007 at 03:47 PM.

  • #7
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    That explains the login box I got when I tried to load the site this morning. I didn't get the e-mail though. Looks like the mod/admin images are gone.

  • #8
    WA
    WA is offline
    Administrator
    Join Date
    Mar 2002
    Posts
    2,596
    Thanks
    2
    Thanked 19 Times in 18 Posts
    An appropriate representation of the requested resource /newthread.php could not be found on this server.

    Apache/1.3.37 Server at www.codingforums.com Port 80
    Ok, that issue should be solved now.
    - George
    - JavaScript Kit- JavaScript tutorials and 400+ scripts!
    - JavaScript Reference- JavaScript reference you can relate to.

  • #9
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    The thank user for post buttons appear twice on each post.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #10
    Banned
    Join Date
    Nov 2007
    Posts
    0
    Thanks
    0
    Thanked 0 Times in 0 Posts
    hello dear

    our group has found a bug on Vbulletin 3.6.x Serries

    with this Bug you easily in less than 2 minutes get the Admin Access to a Registered User.

    Not even updating Patches will solve this Priv8 exploit. (admin please dont make urself tired ; )

    you can easily hack 97 % of Vbulletin forums.

    of you want ? send me Email for deal.

    Email John.hendrich [at] yahoo [dot] com
    Y!M : john.hendrich


    - regards

  • #11
    Banned
    Join Date
    Apr 2007
    Posts
    428
    Thanks
    29
    Thanked 5 Times in 5 Posts
    damn hackers.

    i will just remind that i also have two "thank you for post" buttons on posts

    anyway, sometimes it's good that forum is offlimits, couse i saw sun today, after a long period of time (j/k i didn't saw sun, couse other forums were online )

    @aerospace i think someone edited your sig couse it's big

  • #12
    Banned
    Join Date
    Nov 2007
    Posts
    0
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by matak View Post
    damn hackers.

    i will just remind that i also have two "thank you for post" buttons on posts

    anyway, sometimes it's good that forum is offlimits, couse i saw sun today, after a long period of time (j/k i didn't saw sun, couse other forums were online )

    @aerospace i think someone edited your sig couse it's big
    please be polite

  • #13
    Master Coder
    Join Date
    Apr 2003
    Location
    in my house
    Posts
    5,211
    Thanks
    39
    Thanked 201 Times in 197 Posts
    I agree totally. There is no point in getting annoyed with such inconsequential pieces of pond life who are of absolutely no benefit to anyone.

    bazz

  • #14
    Regular Coder funnymoney's Avatar
    Join Date
    Aug 2007
    Posts
    364
    Thanks
    17
    Thanked 24 Times in 24 Posts
    you are really a lousy forum admin, you can't even ban people like you are supposed to... ROFL

  • #15
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    Who was supposed to be banned?


  •  
    Page 1 of 4 123 ... LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •