MyBB Support

Questions about MyBB Backdoors

Submitted by Glunar, , Thread ID: 22332

Thread Closed
11-07-2016, 02:53 PM
#1
Hello! This question might be pretty dumb & annoying for you / However I need to know since I'm using an out-dated theme for my website.

&

I've been running an game-server for a long time. I've purchased scripts & gamemode and much more to have more playerbase and more features in it. (Garry's Mod) However, I have an anti-cheat called 'Cake Anti Cheat' to detech hackers and all other backdoor software. I'm not sure If it's the same in MyBB but I have an theme called Duende. However It's pretty out-dated eventhough its for 1.8x

&

What I'm trying to ask is; Is there any way to check backdoors in it if it has one? Or can they do something with theme folders? Is it harmless? I just need some detail. Thank you.

RE: Questions about MyBB Backdoors

#2
Well there is no way to "check for backdoors" as backdoors are found by hackers. There isn't like a tool where you can run and will tell you all the backdoors and vulnerabilities on your website. You could however deploy a Web Application Firewall or scan your website for vulnerabilties and patch it. By outdated theme I would presume that this theme hasn't been updated for some time. To my understanding of MyBB forums, I think the structure of themes have no changed much so it shouldn't really effect you.

Good luck

RE: Questions about MyBB Backdoors

OP
#3
11-07-2016, 03:08 PM
Mercy Wrote:
Well there is no way to "check for backdoors" as backdoors are found by hackers. There isn't like a tool where you can run and will tell you all the backdoors and vulnerabilities on your website. You could however deploy a Web Application Firewall or scan your website for vulnerabilties and patch it. By outdated theme I would presume that this theme hasn't been updated for some time. To my understanding of MyBB forums, I think the structure of themes have no changed much so it shouldn't really effect you.

Good luck

Well I mostly use Ransack Agent or whatever it is to scan files. In Garry's Mod (Lua) You mostly search for Run.str or Run.String or something like that so I was asking if there's any specific code which actually lets them to do something bad.

RE: Questions about MyBB Backdoors

#4
You could always just manually look over the code and check yourself whether you can find something that shouldn't be there.

RE: Questions about MyBB Backdoors

OP
#5
11-07-2016, 03:11 PM
666 Wrote:
You could always just manually look over the code and check yourself whether you can find something that shouldn't be there.

You are right but I need example of MyBB Backdoors.

RE: Questions about MyBB Backdoors

#6
11-07-2016, 03:11 PM
Glunar Wrote:
11-07-2016, 03:08 PM
Mercy Wrote:
Well there is no way to "check for backdoors" as backdoors are found by hackers. There isn't like a tool where you can run and will tell you all the backdoors and vulnerabilities on your website. You could however deploy a Web Application Firewall or scan your website for vulnerabilties and patch it. By outdated theme I would presume that this theme hasn't been updated for some time. To my understanding of MyBB forums, I think the structure of themes have no changed much so it shouldn't really effect you.

Good luck

Well I mostly use Ransack Agent or whatever it is to scan files. In Garry's Mod (Lua) You mostly search for Run.str or Run.String or something like that so I was asking if there's any specific code which actually lets them to do something bad.

There isn't a set of code that can make a website vulnerable. Well there are the common ones, but I doubt MyBB have those lying around anywhere. The vulnerabilities you see for MyBB are just simple code alternatives or shortcuts. So to make the code more efficient or something, devs will sometimes use alternative methods or new methods. This sometimes leaves the software being vulnerable. MyBB is opensource, so a lot of Vulnerabilities are found since hackers can take a look at the code. But most hackers dont' site around going through thousand lines of code. White hats or security researchers do, and when they find something they will report it and MyBB would fix it. My best reccomendation is to keep up to date on all the software, MyBB, web server, server OS updates, all of it. I would also hide your admin panel, you can Google on how to do that there are tutorials out there.

RE: Questions about MyBB Backdoors

OP
#7
11-07-2016, 03:14 PM
Mercy Wrote:
Well I mostly use Ransack Agent or whatever it is to scan files. In Garry's Mod (Lua) You mostly search for Run.str or Run.String or something like that so I was asking if there's any specific code which actually lets them to do something bad.

There isn't a set of code that can make a website vulnerable. Well there are the common ones, but I doubt MyBB have those lying around anywhere. The vulnerabilities you see for MyBB are just simple code alternatives or shortcuts. So to make the code more efficient or something, devs will sometimes use alternative methods or new methods. This sometimes leaves the software being vulnerable. MyBB is opensource, so a lot of Vulnerabilities are found since hackers can take a look at the code. But most hackers dont' site around going through thousand lines of code. White hats or security researchers do, and when they find something they will report it and MyBB would fix it. My best reccomendation is to keep up to date on all the software, MyBB, web server, server OS updates, all of it. I would also hide your admin panel, you can Google on how to do that there are tutorials out there.

Hiding admin panel seems pretty good idea. I loved it! I'm going to search how to do it man. Thank you.

RE: Questions about MyBB Backdoors

#8
Next time post in MyBB support.
[Image: InZ3hGx.png]

RE: Questions about MyBB Backdoors

OP
#9
11-07-2016, 03:21 PM
Faded Wrote:
Next time post in MyBB support.

I'm sorry.

RE: Questions about MyBB Backdoors

#10
Considering a mybb theme is all css and js. I'm pretty sure it would be quite hard to do any damage with it.
xxx

Users browsing this thread: 4 Guest(s)