Results 1 to 8 of 8

Thread: Website HACKED

  1. #1
    New Member
    Join Date
    Aug 2013
    Posts
    1

    Default Website HACKED

    hello everyone,

    This website is Unsecured. I was penetrating this website and I find that it have multiple vulnerabilties, unfortunately I dont know who is the admin here. so whoever this forum concern PM me on Skype : victory2egy

    If you want this website's vulnerabilities to be Fixed.

  2. #2
    Greatly Respected Member
    Join Date
    May 2009
    Location
    New Jersey/Vancouver
    Posts
    1,465

    Default

    It's just vBulletin version 4.2.1 that has the vulnerabilities ... It's abundantly clear nobody bothered to patch the holes ...
    Atticus, care to explain ?

    A while back, I strongly suggested not to update to the 4.x.x version but nobody wanted to listen ...

    I am sure this ^above^ individual has read the secret Admin/Mod section ... Who knows if code was added or perhaps a .xml ... Nothing like having a complete stranger all up in your business especially when you're running a business and people count on you to secure their privacy ... Bravo, bravo.. encore !

    There is A LOT more than just throwing up a vBulletin message board and letting the Spam-O-Matic run the show ...
    For some odd reason.. why am I not surprised ?

    Stephanie



  3. #3
    King of the Nether Rain Forest Atticus's Avatar
    Join Date
    Jul 2010
    Posts
    46

    Default

    Sky - sent you a pm.

    You're a light in everyone's life Steffi. Keep on thinking you know what's up. TLC would love to meet you.

  4. #4
    Administrator
    Join Date
    Feb 2009
    Posts
    1,669

    Default

    The forums get neglected sometimes and vB is famous for vulnerabilities.

    There's not much on the forums, and it's all backed up, so not really a big deal.

    Our security efforts are devoted to the main site obviously.

    Nonetheless, the forums are now secure. Thanks sky.
    The colossal misunderstanding of our time is the assumption that insight will work with people who are unmotivated to change. Communication does not depend on syntax, or eloquence, or rhetoric, or articulation but on the emotional context in which the message is being heard. People can only hear you when they are moving toward you, and they are not likely to when your words are pursuing them. Even the choices words lose their power when they are used to overpower. Attitudes are the real figures of speech. - Edwin H. Friedman

  5. #5
    Greatly Respected Member
    Join Date
    May 2009
    Location
    New Jersey/Vancouver
    Posts
    1,465

    Default

    Quote Originally Posted by Atticus View Post
    You're a light in everyone's life Steffi. Keep on thinking you know what's up. TLC would love to meet you.
    Absolutely hysterical ! ... Well since I have it all wrong then.. perhaps you can enlighten me on "what's up"
    All I know is that I make my weekly rounds and noticed we have a new Administrator ( unauthorized of course and extremely embarrassing ) and you're going to have the brass ones to ridicule me, (The Princess) when this boards security is your responsibility ? ... I mean like let's get real here kid ...

    Nope.. Labor Day is here which is our unofficial end of summer ... No summer time activities means no dates or meetings.. Sorry ...
    Tootles


    Quote Originally Posted by Suzuki View Post
    The forums get neglected sometimes and vB is famous for vulnerabilities.

    There's not much on the forums, and it's all backed up, so not really a big deal.

    Our security efforts are devoted to the main site obviously.

    Nonetheless, the forums are now secure. Thanks sky.

    All forums get neglected including mine ... Mine consists of a lot of broken image links / duplicate content which is horrible for search engine SEO.. not to mention Google Penguin cutting mostly everyone in the adult industry's SE traffic in half ...

    My concern here with this unpatched 4.x.x version is if you had valuable industry / log-on User & Pass information stored in a hidden category that only Admins can see.. your little hacker friend here would have had access to all that information ... Can you imagine Paypal and stuff ? .. Wow Wee ...


    lil miss sunshine
    Stephanie
    Last edited by Steffi; 09-02-2013 at 06:37 AM.

  6. #6
    King of the Nether Rain Forest Atticus's Avatar
    Join Date
    Jul 2010
    Posts
    46

    Default

    For the record, we're running the latest version of vB4. I can't recall a time in history when vB wasn't riddled with security holes. Problem is, all forum software is. phpBB was god awful.

    Good thing we don't have a forum like you were concerned about! That would be an issue, huh?

    The best of us get hacked, Steffi. The exploit this hacker used was probably this new one vB is warning about but they haven't fixed yet. If you really want to come down on someone for negligence, http://www.vbulletin.com/contacts/ is a good place to start. Anyway, you're no princess. Your soap box is going to break soon if you keep stomping on it.

  7. #7
    Greatly Respected Member
    Join Date
    May 2009
    Location
    New Jersey/Vancouver
    Posts
    1,465

    Default

    Quote Originally Posted by Atticus View Post
    For the record, we're running the latest version of vB4. I can't recall a time in history when vB wasn't riddled with security holes. Problem is, all forum software is. phpBB was god awful.
    It doesn't matter which version you're running ... You have to keep up with the FREE security updates and or official support information ...
    I understand it's a nuisance constantly checking but periodically make rounds ... ( I do all the time ) ...
    Phpbb.. you get what you pay for ...



    Quote Originally Posted by Atticus View Post
    Good thing we don't have a forum like you were concerned about! That would be an issue, huh?
    I've seen it happen ... It's horrible ... Everything was compromised including their Ebay account ...
    (This was a while ago prior to Ebay / Paypal freezing accounts due to numerous IP log-ons)



    Quote Originally Posted by Atticus View Post
    The best of us get hacked, Steffi. The exploit this hacker used was probably this new one vB is warning about but they haven't fixed yet. If you really want to come down on someone for negligence, http://www.vbulletin.com/contacts/ is a good place to start.
    I can not believe there are no official patches for this current vulnerability nor how-to instructions to fix this yourself ...
    Oh wait.. what's this from Wayne ?
    http://www.vbulletin.com/forum/forum...-1-vbulletin-5

    You're not telling me anything new ... I use to date / still friends with a VB developer as for the reason my 3.8.2 has all the bells and whistles on it ...

    To reiterate ; Why would anyone invest their confidence in a completely untested version ? ... That was my argument prior to this installation ...

    Quote Originally Posted by Atticus View Post
    Anyway, you're no princess. Your soap box is going to break soon if you keep stomping on it.
    Ohhhhh Paaaaaleeeeeeze ... I use body wash.. not yucky soap ! ...
    Do not get all pissy attempting to vent your frustrations out on me with indirect threats ...
    It's very childish and extremely unprofessional !

    I am getting hungry ... Time for some breaky ...
    Tootles

    Super Princess
    Stephanie
    Last edited by Steffi; 09-03-2013 at 07:32 AM.

  8. #8
    King of the Nether Rain Forest Atticus's Avatar
    Join Date
    Jul 2010
    Posts
    46

    Default

    If you notice, that security alert was published mere days before this incident. It's not like we ignored it for weeks on end. It certainly isn't childish of me to tell you to quit stomping on your soap box. Your behavior now and in the past speaks for itself. This issue is resolved, everyone is happy. Good day

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •