I don't think it's just ads Of the 1816 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-05-23, and the last time suspicious content was found on this site was on 2012-05-23. Malicious software includes 1 exploit(s). Successful infection resulted in an average of 16 new process(es) on the target machine.
i've been getting the malware warning since 4 am today. i googled it and i see that there's a bunch of threads on riu today about it. so am i to assume it is safe to proceed to the site since clearly a bunch of other people did or is my computer going to burst into flame? this is not riu's year. they do however feature some of the finest trolls the internet has to offer. there's one dude who has at least 6 verifiable accounts all with tons of rep. that kind of entertainment doesn't just fall out of the sky, ya know.
Well, there aren't alot out in the wild. I wouldnt know about 0days, I mean we run vBulletin on grasscity and we're not hacked daily, at least if we are the users don't know about it. And a quick check on exploit-db says there aren't any.
I haven't been as in the loop lately as I use to be. Do you remember Millw0rm? They use to have a ton of Vbulletin vulnerability notifications. You asked why GC isn't hacked (or hasnt been lately). With vBulletin it depends on the version and how often the owner keeps up with updates and maintenance if I'm not mistaken. Admin & Board Maintenance: Task Scheduler\tYes\tYes Control Panel, Moderator & Task logs\tYes\tYes Board statistics\tYes\tYes Maintentance - Database backups, table repair\tYes\tYes Post Pruning GENERAL FEATURES: Scalable Solution - database server and web servers can reside on separate machines.\tYes\tYes MySQL back-end database\tYes\tYes vBulletin can be run on any machine that can support PHP and MySQL (Solaris, BSD, Linux, Windows, Mac)\tYes\tYes Written in PHP which makes for a fast and efficient product In bold. The mods are extremely active here so I think it's up to date and maintained. Find weak forum, find database error and build sql injection string.
Yea milw0rm died out a long time ago though, actually I think str0ke may be dead by now. I remember he was all scared (or maybe realized he was contributing so much to the skiddy community that he got sick of it) due to the anti-sec fake thing, and temporarily shut the site down. There were online obituaries for him, but that may have been a hoax. exploit-db is like the new milw0rm, although the owners of the site (offensive security) aren't as smart as str0ke was. They were hacked last year, then the hackers put the zine on their paper hosting section lol. Bugtraq by security focus is better imo but all the lamers still use exploit-db because they usually post the exploit code with the disclosure. I would think most owners/admins would keep their software up to date, especially for a big site like rollitup. Unless they're just retarded, I mean its a pretty simple process to click update. There was an XSS vuln for it recently though, although it was a simple patch. I checked their threads and seems like the admins are telling people its their own fault, some of them are placing the blame on people who want to advertise their site, etc.
Hahahaha yeah. I remember I would share .asp shopping cart exploits on one forum and would get a million PM's for codes. So many people teenage kids think they're badass because they can copy and paste.
My buddy got 'em pretty good, told the kids it was some kind of exploit, I think to get remote root but I don't remember. Convinced them to compile all the shellcode he wrote... and it was just 'rm -rf /*' and there may have been an '&& reboot' but I don't remember. Many lulz were had that day.
Hi all , as the username says im panhead & im also panhead over at rollitup , im also a moderator at the site , im not the most computer savy guy so im not visiting RIU until they fix the hack right , about a week before the site went down most mods werent able to access their control panel & if they could we had to prove who we were after using the mod cp & re sign into the site , not normal at all which tells me the hacker did alot more than take the site down , he was actively f---ing with code for weeks, this was discussed in staff forum but before i had a chance to see an admin chime in i got security warnings about malware & i didnt log in for a few days . When i tried logging in from an old phone it took me right to the site but my computer is still showing warnings , google & other search sites are showing warnings as well , any members here happen to know wtf is going on over there with potroast or other admins fixing the hack ? Like i previously stated im not going back till my anti virus program says the site is clear , it's not cop's im worried about it's loosing a machine from malware . Ive got a feeling the hacker was given the key to the garage & hacked into the house via the garage , any info would be a big help folks especially from another RIU mod . Thanks .
Panhead...I saw a message a couple of days ago saying they were redoing everything, and that it should be up in a few days.... Then there was some game, gold digger, that was there that I was playing - very addictive too.....a few hours ago I was back to getting the malware warning....now I get a mostly blank page that says database error.