Hackers Suck!
Mod Version: 1.0.1, by vbresults
This thread is in the Modification Graveyard.
| vB Version: 4.2.x | Rating:  (3 votes - 3.67 average) |
Installs: 9 |
| Released: 11 Jul 2013 | Last Update: 24 Jul 2013 | Downloads: 50 |
 Not Supported
 Uses Plugins
|
||
vBulletin is very unique on how it stores its templates and plugins, Its different than WordPress and Joomla, all the content is saved in the database. That makes it a bit more complicated for webmasters because they cant just use common command line tools (like grep) to search through all their files. They need to use phpMyAdmin or another database tool to try to find and fix those issues.
And thats where this malware hides itself. It uses the Plugin system and hooks into global_start, so it is called on every page request.
http://blog.sucuri.net/2013/07/vbulletin-infections-from-adabeupdate.html
This plugin allows you to export all plugin code in the database to a single file with one click. You can then scan the plugin text file for malware. This plugin will later expand into a full security audit suite.
Hackers can insert malicious code directly into the datastore, ignoring the actual plugin table and evading detection via scanning with the plugin manager. This plugin exports the live, running datastore rendering that tactic useless.
Installation
- Import the product Xml.
- The installation is complete; congratulations! Mark As Installed, Nominate For MOTM and Vote
Download
This modification cannot be downloaded.
Screenshots