VBulletin 3.8.4 has been exploited

[Hx]

Hey as you guys know wsm.co.in got hacked today i though it was because it was the old members who did it but i was wrong. It was a guy named king kong i had a chat with him and realised that he has found a exploit on 3.8.4 and is hacking any sites with that version if he gets paid for it watch out and upgrade to 3.8.5

Source:As

 

[Speakup]

Post screen shots of the chat.

 

[Mac]

Cool story bro.

You're an idiot.

 

[Hx]

one sec let me get screenshot

 

[Hx]

http://imgscene.com/images/proof.png

 

[Baraka]

http://www.vbulletin.org/forum/showthread.php?t=221074 :O:O

 

[Ar!yaN]

i read come where on WSM, that WSM have version 4 not 3 lol

 

[Hx]

wsm had 3.8.4 mate please upgrade and dont think i made up this story as i dont want anyone to get hacked

 

[Ar!yaN]

lol i think there 3.8.4 hacker in the house lol

yeah bro after 1only post's i am also shocked

 

[Myth?]

Hmm a exploit aye.

 

[Veer]

heard it too...
well upgrading versions is a headache in vb...
upgrading in phpbbis very easy....

 

[raj11]

@1only
check the post of date bro 17 Aug 2009
if there would have been any Exploit too many forums have been fucked untill now
plus wsm was on
vBulletin 3.8.5 just view there source

read the 6th post

http://www.vbulletin.org/forum/showthread.php?t=221074

see this

http://209.85.229.132/search?q=cache:dxOAps9JlnIJ:www.hackforums.net/showthread.php%3Ftid%3D124858+http://www.hackforums.net/showthread.php%3Ftid%3D124858&hl=en&client=firefox-a&strip=1

 

[Hx]

now it is before it was 3.8.4

 

[ChosenOne]

Hey as you guys know wsm.co.in got hacked today i though it was because it was the old members who did it but i was wrong. It was a guy named king kong i had a chat with him and realised that he has found a exploit on 3.8.4 and is hacking any sites with that version if he gets paid for it watch out and upgrade to 3.8.5

Source:As

You sir, are an idiot.

You realised there's exploit or it's because King Kong told you there is? Second, WSM is using vBulletin 4.0 not 3.8.4.

 

[Hx]

it was using 3.8.4 last time i check it

 

[Storming]

It most probably is not a exploit within VBulletin its self, more likely in a plugin that has been installed.
Check the logs if you know howto to see if there is anything..
Also maybe the person(S) have been keylogged?

 

[ChosenOne]

Nav:

http://www.imgcentre.com/img/uploads/big/ff27a0b7c6.png

See? Super mods/admins can delete all threads, can change shoutbox notice and much more. Till next time, adios!

 

[Storming]

And WSM is running 3.8.x not vb4 it just says vb4 in the footer

 

[Hx]

ye but how do we know that king kong hasnt exploited the vb and the way he told me he seemed pretty sure

and thx for posting storming now we know they are on 3.8x and im sure they were on 3.8.4 when they got hacked

 

[Storming]

Yeah all "hackers" would say that they hacked Vb if they got access to the site - I bet you any money he cannot hack some of the major sites thats running it, because if you notice he has only targeted useless non-needed sites.
And I'm 99% sure he had there passwords via keylogging them etc