vBulletin Redirect Exploit

djbaxter

Tazmanian Veteran
Joined
Jun 6, 2006
Messages
10,473
Reminder from eJM: Make sure you input the correct version numbers. It's 2.8.2 not 2.82 or 2.9.0 not 2.90.
 

PoetJC

⚧ Jacquii: Kween of Hearts ⚧
Joined
Jul 9, 2006
Messages
21,032
Thanks for the info share Minstrel!
I tried to give you +rep but apparently need to spread it around a little more LOL
Anyway ==> Much appreciation :)
 

wanksta

Internet Sweatshop
Joined
Jul 29, 2009
Messages
425
I made the change to class_core but I cannot see the 2.8.2 version displayed anywhere in View Source Code, I couldn't even see the old YUI version displayed in the View Source Code bit of the browser. Anymore directions on how to check if it has changed over?
 

djbaxter

Tazmanian Veteran
Joined
Jun 6, 2006
Messages
10,473
I made the change to class_core but I cannot see the 2.8.2 version displayed anywhere in View Source Code, I couldn't even see the old YUI version displayed in the View Source Code bit of the browser. Anymore directions on how to check if it has changed over?

Did you make the change in the ACP to load the YUI from Google (first choice) or Yahoo (if you don't have the Google option)? Otherwise you're still using the files supplied by vBulletin which are old (2.7.0).
 

wanksta

Internet Sweatshop
Joined
Jul 29, 2009
Messages
425
Did you make the change in the ACP to load the YUI from Google (first choice) or Yahoo (if you don't have the Google option)? Otherwise you're still using the files supplied by vBulletin which are old (2.7.0).
I did not, sorry for the misunderstanding for some reason I thought the option wasn't available for vB3.x.

The changes now are reflected via View Source, thanks minstrel.
 

viper357

Enthusiast
Joined
Nov 4, 2010
Messages
121
I'm curious as to why it seems like most people use the YUI on Yahoo, I have always used the google option, is the Yahoo option better than the google one?
 

BrandonSheley

loving life
Joined
Jan 2, 2006
Messages
2,607
I have a client that has been plagued with this redirect, we've updated vbseo and changed the YUI but their still getting the bug.
We'll try the PL to see if that helps, vb keeps saying it's vbseo but the redirect happens even with vbseo disabled and removed... so idk
 

djbaxter

Tazmanian Veteran
Joined
Jun 6, 2006
Messages
10,473
It's not vBSEO because it affects forums that have never had vBSEO installed. Lately, it seems vBulletin blames vBSEO every time they can't figure out what's causing the issue. It's getting old.
 

wanksta

Internet Sweatshop
Joined
Jul 29, 2009
Messages
425
LOL I was reading over at vB.com and they fudged their PL release lol
 

wanksta

Internet Sweatshop
Joined
Jul 29, 2009
Messages
425
I went ahead and updated the YUI directory with the updated files from Yahoo even those I am not using local (you never know!), I have attached all the updated files or you can do it yourself by going to http://developer.yahoo.com/yui/2/ and download the Full Developer Kit (yui_2.9.0.zip).
 

Attachments

  • yui.zip
    55.5 KB · Views: 1

petertdavis

Not a Beginner
Joined
Feb 24, 2004
Messages
2,947
Does the vBulletin release actually fix the problem? My confidence in them is low.
 

djbaxter

Tazmanian Veteran
Joined
Jun 6, 2006
Messages
10,473
Hard to say. It basically implements my suggestion about updating the YUI version. It seems to fix the issue for some people and not others. When it doesn't work, it's not clear why.

Information still coming in via vBulletin though. One post seems to implcate something in another core file (class_bbcode.php) but at this point it's uncertain.

The three forums I have direct admin access too have not had the problem since the fix was applied. I would recommend applying the appropriate patch for your version anyway.
 

NickJ

Adherent
Joined
Apr 4, 2011
Messages
427
Is this exploit one of those where when you land on a site, you are immediately redirected to a site that tells you your computer is infected with malware, download some product now?
 
Top