1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Forumhome hacked.

Discussion in 'vBulletin' started by tropicalconsulting, Jun 7, 2011.

0
  1. #1
    tropicalconsulting, Jun 7, 2011 IP
  2. Brandon Sheley

    Brandon Sheley Illustrious Member

    Messages:
    9,721
    Likes Received:
    612
    Best Answers:
    2
    Trophy Points:
    420
    #2
    The forum doesn't looked hacked to me?
    It does look filled with banner ads though :(

    ah I see it with a 2nd look, the forum did come up fine the first time.

    This is the code, I'd place up a blank.html page while you're working on the site so your members don't freak out when trying to look at your site..

    <body onload="scrlsts()">
<br>
<br>
<SCRIPT LANGUAGE="JavaScript">
var scrl = "Hacked By The CorruptSilence Team";
function scrlsts() {
 scrl = scrl.substring(1, scrl.length) + scrl.substring(0, 1);
 document.title = scrl;
 setTimeout("scrlsts()", 300);
 }

</script>

<style type='text/css'>
font.glow {text-shadow: 0 0 0.2em #8F7}
font.wglow {text-shadow: 0 0 0.2em #6F6}
font.whiteglow {text-shadow: 0 0 0.2em #FFF}
font.redglow {text-shadow: 0 0 0.2em #F00}
font.blueglow {text-shadow: 0 0 0.2em #00F}
font.greenglow {text-shadow: 0 0 0.2em #0F0}
button.evil
{
   text-shadow: -1px 0 black, 0 1px black, 1px 0 black, 0 -1px black;
   font-size:14px;
   font-family:Tahoma,sans-serif;
   font-weight:bold;
   width:140px;
}
img.shadow
{
	image-shadow: 0.1em 0.1em 0.2em white
}

</style>

</style>

 <LINK rel="SHORTCUT ICON" href="http://defaced.com.nu/dir/images/zombie-icon.gif"> 
<script language="Javascript1.2"> 
var mymessage = "IP Address Logged, I WILL come for you. ~ The B0x";

function rtclickcheck(keyp){
  if (navigator.appName == "Netscape" && keyp.which == 3) {
    alert(mymessage);
    return false;
  }
 
  if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) {
    alert(mymessage);
    return false;
  }
}
 
document.onmousedown = rtclickcheck
//-->
</script> 
<script type='text/javascript' src='http://defaced.com.nu/dir/javascript/TypingText.js'></script>

<head>
<style>
.shakeimage{
position:relative
}


</style>
<script language="JavaScript1.2">

/*
Shake image script (onMouseover)- 
© Dynamic Drive (www.dynamicdrive.com)
For full source code, usage terms, and 100's more DHTML scripts, visit http://dynamicdrive.com
*/

//configure shake degree (where larger # equals greater shake)
var rector=3

///////DONE EDITTING///////////
var stopit=0 
var a=1

function init(which){
stopit=0
shake=which
shake.style.left=0
shake.style.top=0
}

function rattleimage(){
if ((!document.all&&!document.getElementById)||stopit==1)
return
if (a==1){
shake.style.top=parseInt(shake.style.top)+rector+"px"
}
else if (a==2){
shake.style.left=parseInt(shake.style.left)+rector+"px"
}
else if (a==3){
shake.style.top=parseInt(shake.style.top)-rector+"px"
}
else{
shake.style.left=parseInt(shake.style.left)-rector+"px"
}
if (a<4)
a++
else
a=1
setTimeout("rattleimage()",10)
}

function stoprattle(which){
stopit=1
which.style.left=0
which.style.top=0
}
</script>
<body background="http://defaced.com.nu/dir/images/matrix-gradient.gif">
<script type="text/javascript"> 
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-22942935-8']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</head>

<table bgcolor='#000000' align='center' class="code notranslate" width="90%" height="5%" border="5" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
<center><img src="http://defaced.com.nu/dir/images/warning.gif"</center>
</td></tr>
</tbody>

</table>

<table background="http://defaced.com.nu/dir/images/trans-green2.png" align='center' class="code notranslate" width="90%" border="5" cellpadding="0" cellspacing="0">

<tbody>

	<tr><td>

	<center>
	<br>
	<b><font class='wglow' face='courier new' class='wglow' size="5">Hello, you just got</font></b>
	<br>

	<br>
		<div id="line1"><b><font class='wglow' color='white' size='3' face='courier new'>

			&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;<br>

		</font><b></div>

		<div id="line2"><b><font class='wglow' color='white' size='3' face='courier new'>
			&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;<br>
		</font><b></div>

		<div id="line3"><b><font class='wglow' color='white' size='3' face='courier new'>
			&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;<br>
		</font><b></div>

		<div id="line4"><b><font class='wglow' color='white' size='3' face='courier new'>

			&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;<br>
		</font><b></div>

		<div id="line5"><b><font class='wglow' color='white' size='3' face='courier new'>

			&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;<br>
		</font><b></div>
		<div id="line6"><b><font class='wglow' color='white' size='3' face='courier new'>
			&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;<br>

		</font><b></div>

		<div id="line7"><b><font class='wglow' color='white' size='3' face='courier new'>
			&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;<br>
		</font><b></div>

		<div id="line8"><b><font class='wglow' color='white' size='3' face='courier new'>
			&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&#x2588;&nbsp;&nbsp;&nbsp;<br>
		</font><b></div>
		<script type="text/javascript">
new TypingText(document.getElementById("line1"));
new TypingText(document.getElementById("line2"));
new TypingText(document.getElementById("line3"));
new TypingText(document.getElementById("line4"));
new TypingText(document.getElementById("line5"));
new TypingText(document.getElementById("line6"));
new TypingText(document.getElementById("line7"));
new TypingText(document.getElementById("line8"));
TypingText.runAll();

</script>

	<br>

	<br>
	</tr></td>

	<!--END ROW 1-->

	<!--ROW 2-->
	<tr><td>
</center>

<br>
<center>

<font class='wglow' size='5' face='courier new'><b>You Were Owned by<br></b></font>
<font class="glow"><font color='#00ff00' face='tahoma'><b>The CorruptSilence Hacking and Coding Team:</b></font></font><br>
</center>

</tr></td>
</tbody></table>
<table bgcolor='#000000' align='center' class="code notranslate" width="90%" height="5%" border="5" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
<marquee><font class="redglow" color='#FFFFFF' face='tahoma'><b>Cryptik - Mystik - Hypno - Rummy</b></font></marquee><br>
</td></tr>
</tbody></table>

<table bgcolor='#000000' align='center' class="code notranslate" width="90%" border="5" cellpadding="0" cellspacing="0" bgcolor='#000000'>
<tbody>

<!--ROW 1-->
	<tr><td>

<center>
<br><br>
<img class='shadow'  src="http://defaced.com.nu/dir/images/face1.jpg">
<img src="http://defaced.com.nu/dir/images/anon-mask.gif" height="344" width="426" class="shakeimage" onLoad="init(this);rattleimage()"  onclick='norite()'>
<img class='shadow'  src="http://defaced.com.nu/dir/images/face2.jpg">
<!--img src="http://operatorchan.org/t/src/t223059_1442814-trollface_super.jpg"></img-->
<br><br>
<br>
</tr></td>

<!--END ROW 3-->
<!--end table-->
</tr></td>

</tbody></table>

</tbody></table>

<table bgcolor='#000000' align='center' class="code notranslate" width="90%" height="30%" border="5" cellpadding="0" cellspacing="0">
<tbody>
<tr height='20%'>
<td width='50%'>
<center>
<font face='tahoma' class='wglow'><b> l| </b></font>
<button class='evil' onclick="meow()"><b><font color='#009900'>CorruptSilence.tk</font></b></button>

<font face='tahoma' class='wglow'><b> |l </b></font>
</center>
</td>

</tr>
<tr height='40%'><td width='100%'>
<b>
<center><font face= 'tahoma' class='wglow' color='white'>Shoutz to:</font><center>
<marquee>
<font class='whiteglow' face='tahoma'> | </font>
<font face='tahoma' color='red' class='wglow'>coolguy1</font>
<font class='whiteglow' face='tahoma'> || </font>

<font face='tahoma' color='black' class='greenglow'>coolguy2</font>

<font class='whiteglow' face='tahoma'> || </font>
<font face='tahoma' color='green' class='redglow'>coolguy3</font>
<font class='whiteglow' face='tahoma'> || </font>
<font face='tahoma' color='orange' class='wglow'>everyone</font>
<font class='whiteglow' face='tahoma'> || </font>
<font face='tahoma' color='purple' class='blueglow'>would have</font>

<font class='whiteglow' face='tahoma'> || </font>

<font face='tahoma' color='white' class='wglow'>own color/style</font>
<font class='whiteglow' face='tahoma'> | </font>
</marquee>
</b>
</td></tr>
<tr height='30%'><td width='100%'>
<center>
<font face='tahoma' color='#000000' class='wglow'><b>We will be back...</b></font>
</center>
</td></tr>

</tbody></table>


<!--scripts-->
<script type="text/javascript">

function meow()
{
window.location='http://corruptsilence.tk';
}
window.onbeforeunload = function()
{
	alert("We'll be back :)");
}
</script>
<object width="1" height="1"><param name="movie" value="http://www.youtube.com/v/0kY6NsDlaLc?fs=1&amp;hl=en_US&amp;rel=0&autoplay=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/0kY6NsDlaLc?fs=1&amp;hl=en_US&amp;rel=0&autoplay=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="1" height="1"></embed></object>
<!-- www.000webhost.com Analytics Code -->
<script type="text/javascript" src="http://analytics.hosting24.com/count.php"></script>
<noscript><a href="http://www.hosting24.com/"><img src="http://analytics.hosting24.com/count.php" alt="web hosting" /></a></noscript>
<!-- End Of Analytics Code -->
    Code (markup):
     
    Brandon Sheley, Jun 7, 2011 IP
  3. tropicalconsulting

    tropicalconsulting Well-Known Member

    Messages:
    137
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    123
    #3
    But how they got this script on the forum.php. We just upgraded to latest VBulletin version.
     
    tropicalconsulting, Jun 7, 2011 IP
  4. Sp32

    Sp32 Peon

    Messages:
    34
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I remember a "Top x Stats" had a flaw so people could redirect to their own site. The best bet is to disable all products and see if it happens again, if it doesn't assume it's one of your products with a vuln.
     
    Sp32, Jun 10, 2011 IP
  5. tropicalconsulting

    tropicalconsulting Well-Known Member

    Messages:
    137
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    123
    #5
    We disabled all products and created a new style, still same problem, unlogged users see error message.

    Unable to add cookies, header already sent.
    File: /home/extreme/public_html/forum.php
    Line: 1

    We upgraded to latest Vbulletin version, looks like some SQL injections, the script is clean.

    We contact VB support, hope they can solve the problem.
     
    tropicalconsulting, Jun 10, 2011 IP
  6. tropicalconsulting

    tropicalconsulting Well-Known Member

    Messages:
    137
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    123
    #6
    We upgraded to latest VB version 4.1.4, Problem is solved.
     
    tropicalconsulting, Jun 13, 2011 IP