vBulletin 5.x My Vbulletin hacked again

gisfreak

Valued Member
Joined
Oct 26, 2019
Messages
54
Reaction score
57
Points
26
Age
37
Location
INDONESIA
DS Credits
939D$
used the 5.6.0 version for a couple of weeks after upgrading from version 5.5.x and boom, got pwned with SQL injection from this CVE:

Code:
You don't have permission to view the code content. Log in or register now.
oh God, i really hate this platform.

i managed to scrape some stuff (data) to try to revive my forum, but i am still stuck on this error:

Code:
You don't have permission to view the code content. Log in or register now.
seems the hacker already altered my database somehow and inserted a bunch of "pwn" words, i don't know how to clean up the mess if it's related to the database

i don't know if the hacker also inserted another malicious regex/script inside my database, anyone with some hint on how to search for it in the database and probably be able to clean it?

anyone using 5.6.0 or below, please update to security patch level 1 ASAP if you don't want to get into big trouble like me.

in total, in just a couple of months straight my forum got hacked twice, each time with a different bug of this platform. maybe i should change platform and ditch this messy product.

geez what an awful product :mad:
 

LSDeep

Beach Bum
Site Administrator
Joined
Jul 7, 2019
Messages
6,232
Reaction score
3,796
Points
389
Location
Planet Shroom
DS Credits
139,723D$
just a semi-educated idea here - seems you are looking at a template issue? based on the file tree. did you try to use a diff template just to see what happens? i am really not the best person for that stuff - just a first thought.
 

gisfreak

already cleaned up the script, deleted all 5.6.0 scripts inside my hosting, and uploaded the new 5.6.1 from here
after that, i updated my forum but that error is still there, so my guess would be they inserted something into my database other than the "pwn" word
already cleaned up some "pwn" words in my database by query, but the error "blank command......." still persists

been searching and found nice links on vbulletin.org:

Code:
You don't have permission to view the code content. Log in or register now.
about queries to check the database,

i don't know if i will continue using vbulletin for my project, maybe i will take a look at Joomla as another alternative o_O

this never happened with XF, IPS or Woltlab, just sayin', my other projects
i don't know how the vbull guys handle their development stages, especially on security
 

LSDeep

... i don't know if i will continue using vbulletin for my project, maybe i will take a look Joomla for another alternative o_O ...
depending on the project, joomla is often a good alternative. i know many prefer WP because it is easy, i still think joomla is the better alternative. it takes a little more time to get used to / 'get into it'... call it a steeper learning curve - not a popular thing these days.

cheers, L
 

LSDeep

just in general i think (that's just my opinion, i don't need bashing about it) the vBulletin days are also kinda over. so far, at this point - or they really need to pull up their game.

cheers, L
 