Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 03 Apr 2012, 05:25
lycheepassion lycheepassion is offline
 
Join Date: Aug 2009
Unhappy Emergency: Malware injection

As of Weds my forum has been injected with directmarketingprompt.in malware


. I did an upgrade to 4.11 patch 1 from 4.1.0 (er I mean the last version before the latest with the patch) and then did a scan on Sucuri and it showed clean now it's not anymore. How can I fix this?

Here's the google diagnostic page
http://preview.tinyurl.com/gdiagno

Here's the sucuri report:

http://preview.tinyurl.com/sucscan

Here's my site:

http://preview.tinyurl.com/d4maq8n

Just disabled mods, ran suspect files, not sure what to do.> Thanks
Reply With Quote
  #2  
Old 03 Apr 2012, 17:05
borbole's Avatar
borbole borbole is offline
 
Join Date: Jan 2010
Search the db for any trace of the injected code and remove them if found. Run a check of your server space as well and then contact your host so they can check things on their end as well.
__________________
My mods.
Reply With Quote
  #3  
Old 04 Apr 2012, 00:46
lycheepassion lycheepassion is offline
 
Join Date: Aug 2009
thanks VB May have fixed it. How would I run a db search?
Reply With Quote
  #4  
Old 04 Apr 2012, 02:00
santi00 santi00 is offline
 
Join Date: Mar 2012
I have a big problem. I think is the same.
If i clean the cookies and cache on the browser, then i go on my forum by google (searcing one of my keywords) and when i click on my site from google serp. I went redirect on http://file2store.info.
VB 4.1.11 and vbseo 3.5
Another italian friend has tried to upload vbseo and remove all plugin but the problem is the same.

Whitch is the solution?
Reply With Quote
  #5  
Old 04 Apr 2012, 08:51
gazza2008 gazza2008 is offline
 
Join Date: Aug 2009
I am having the same problem

I think if you upgrade to the vb 4.1.11 patch that might do it

If anyone else has any ideas let me know
Reply With Quote
  #6  
Old 04 Apr 2012, 14:08
santi00 santi00 is offline
 
Join Date: Mar 2012
Incredible that a vbulletin has this bug..... there'wes in a last version (vb 3.X) but i hope with the 4.x version the bug was resolved. Now i can see that the bug is always....incredible.
Reply With Quote
  #7  
Old 04 Apr 2012, 15:16
K a M a L K a M a L is offline
 
Join Date: Jun 2011
Real name: Kamal Saleh
santi00 and gazza2008
if you have any of these mods installed (vBActivity, vBShout, Forumon RPG, vBDownloads and vBQuiz)
there is an XSS vulnerability on them
if not there is an Xss vulnerability on Ckeditor , and you should upgrade to latest Patch level
Reply With Quote
  #8  
Old 04 Apr 2012, 15:39
santi00 santi00 is offline
 
Join Date: Mar 2012
I haven't these mods installed and ckeditor.
The proble are in a lot of forum. Incredible because vbulletin is a commercial software.
INCREDIBLE.
Reply With Quote
  #9  
Old 04 Apr 2012, 15:44
Pandemikk Pandemikk is offline
 
Join Date: Jul 2009
Real name: Jon
I.n.c.r.e.d.i.b.l.e
Reply With Quote
  #10  
Old 04 Apr 2012, 15:52
K a M a L K a M a L is offline
 
Join Date: Jun 2011
Real name: Kamal Saleh
Could you give me an infected site url , to check for the reason ?
Reply With Quote
  #11  
Old 04 Apr 2012, 16:58
Brandon Sheley's Avatar
Brandon Sheley Brandon Sheley is offline
 
Join Date: Mar 2005
Real name: Brandon
This is how you fix the exploits.
http://www.theadminzone.com/forums/s...2&postcount=81

Follow these steps and your site will be clean, I've done it on a number of sites.

This isn't a "vb issue" stop trying to blame them..
Stop adding poorly developed hacks and secure your sites.
__________________

Email me for website help: brandon[at]sheley[dot]org
Reply With Quote
  #12  
Old 04 Apr 2012, 19:04
gazza2008 gazza2008 is offline
 
Join Date: Aug 2009
Originally Posted by K a M a L View Post
santi00 and gazza2008
if you have any of these mods installed (vBActivity, vBShout, Forumon RPG, vBDownloads and vBQuiz)
there is an XSS vulnerability on them
if not there is an Xss vulnerability on Ckeditor , and you should upgrade to latest Patch level
I have VB shout Shall I uninstall it or just upgrade to latest patch VB

--------------- Added 05 Apr 2012 at 08:19 ---------------

seems after doing this it is fine

so touch wood lol
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 20:01.

Layout Options | Width: Wide Color: