""Fixing your site after you have been hacked""

Discussion in 'vBulletin Discussions' started by oman, Jan 31, 2014.

  1. Cerberus

    Cerberus Admin Talk Staff

    Joined:
    May 3, 2009
    Messages:
    1,031
    Likes Received:
    500
    So I was looking over one of the more known Exploit sites. And I was wondering when did you say Vbulletin servers were comprimised/exploited?

    Now correct me if I am wrong, but September is the 9th month correct? In the image below the html file owned by root/vbdev clearly shows this happened after Septemeber. It had to happen after 10 - 03 - 2013. And I usually am not into the whole helping of IB. But, here is the link to where this OLD exploit was being sold. There is also a new modification of the OLD exploit that still works today.

    Link: http://1337day.com/exploit/description/21518 <-- I am sure this link is well known now after all the blog posts.

    Also, this exploit was still working as of add date -> 2013-11-14 .. Well, after the server was exploited. So, that is what a couple months of people's data being at risk? Taking 2 months to close a security hole that was known across the net since September. Wow, they are johnny on the spot huh? But, I figured I would get in on your whole I proved you wrong because of semantics you like to do on all the sites that makes you look like a total moop. You really should give this whole thing up and go back to the people and charge and tell them that this strategy does not work. IB needs a new game plan other than lying to their customers and trying to money grab using low quality products. And yes my resentment is strong, but I feel betrayed. I gave Vbulletin almost a decade of my life, and this is what is left. It is like one of those bad breakups you just never get over

    be6da77f6f11f5b27a4811118dbd1c2f.jpg
     
    Big al and AWS like this.
  2. BirdOPrey5

    BirdOPrey5 #Awesome

    Joined:
    Jul 16, 2011
    Messages:
    343
    Likes Received:
    105
    Location:
    New York
    First Name:
    Joe
    LOL, links to so called exploits for hundreds or thousands of dollars- I should trust them because they're so ethical, right?

    I'm done with you, your're clearly an anarchist and there's no point trying to change your mind- I'm confident any objective person reading this in the future will read your blurb about laws being meaningless and come to the same conclusion.

    No one said that VB (the company) was exploited before the September exploit was announced. Your timeline is irrelevant.
     
  3. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    Did you just pull this synopsis out of your ass because it's full of shit. Really
     
    Big al likes this.
  4. Cerberus

    Cerberus Admin Talk Staff

    Joined:
    May 3, 2009
    Messages:
    1,031
    Likes Received:
    500
    So, when proven wrong the same way you are always claiming you win arguments, your response is to pretend like you were not proven wrong? I clearly have you quoted on saying it happened in September, and also have proof it was still valid months after it happened. There is nothing in my post that says I am an anarchist, that is simply an unsubstantiated claim against my person, which in a court of law would be considered "Slander".

    Laws are meaningless. This is simply truth. They are not capable of deterring anyone accept those who live in fear. I am sorry if you live your life in fear, but that is not for me. My time line clearly states that you spew lies about subjects you have no knowledge of. I saw on TAZ how you were "Supposedly" discrediting people because they lacked the proper research and had no idea what they were talking about. You clearly are one of those people.

    My point was very simple, evil is needed in order for the world to progress and at times should be respected. I never condoned horrible atrocities. I simply said the hacker is a needed evil and that exploits take time and money to create. All of which is 100% truth. I do not know what you deal in, but I will stick with the truth.

    Good day sir and good luck in your sheeple life of blindly following and attempting to lead others on your path to nowhere. I have yet to see any purpose you server on any site, all you do is argue against truth and call people names and say they are wrong. You have to be without a doubt the worst employee of Internet Brands, you set them back 10 steps every time you open your mouth. If it was my company I would have fired you long ago.
     
    Brandon, Autopilot and Big al like this.
  5. BirdOPrey5

    BirdOPrey5 #Awesome

    Joined:
    Jul 16, 2011
    Messages:
    343
    Likes Received:
    105
    Location:
    New York
    First Name:
    Joe
    In September we were made aware of the exploit in the Software (last Day of August actually) and started warning customers to delete the /install/ directory by multiple different methods in following days.

    That does not mean that vBulletin servers themselves were hacked at that time or by the exploit. VB.com forum wasn't susceptible to the exploit because the install directory was password protected.
     
  6. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    I say, did I just hear a discouraging word?


    Yet his are always relevant.


    I just love the way he says this quite often and then carries on discussing things with the other party. He has " Done" with me many times, but keeps coming back.


    Welcome to the club. He is very good at posting unsubstantiated claims against those who stand up to him.
     
    Last edited: Feb 4, 2014

Share This Page