Backdoor in vBulletin to controll the license?
- Thread starter toniboni88
- Start date
- Status
toniboni88 said:
No. False. if your licensed and you tell them your domain name on vbuleltin.com profile license section and somebody reports you for suspected piracy then piracyreports check their database to see if your domain is registered with vbulletin. if they cant find your domain then they will contact your webhost and ask them to verify if you have a license or not.
sometimes people dont put their url on the license even though they did buy one. if you havnt got a license then you are asked to remove the software immediatly or buy a license.
when they emailed my hoster i sent mr piracy man <mentioning no names> an email saying i want 7 days from todays date to buy the license and i am not removing the forum software. so i bought my license within 3 days and that shut them up and case was closed ha.
and as for your concern about dodgy nulled scripts sometimes untrusted nullers put dodgy backdoor code into a realease so they can gain control of your vbulletin, but this is extremly rare. all you need to do is use a trusted script like GYSN and other ones only by vbteam.
Spinifex.
1- there is 3 backdoor scripts in vBulletin
2- none have any action inside the script
3- none is identifying your mother
A- if you are unlicensed to vbulletin.com, your site may be tracked by their piracy engine to check the validity of your site and if it is proven that your forum is pirated, they send a notice to your host to shut your site down. You also receive a notice to purchase a license OR close the forum. it's not taken in a single minute, they let you choose to become legal or die... they know that 50% of the reported nulled forums will purchase a license because the software is too great to loose, so they let you a moment-- for that, you have to have an original email you are using with your domain registration, because that is where they will contact you *(whois)
B- the backdoor scripts are sending vbulletin.com a checkup code each time it is activated, and if your domain fit with no license, they are alerted. IF you have a nulled version that do not send that checkup, there is no chance vbulletin.com will detect you that way... they have other means.
C- they never sue you, they force your host to close your forum, that's all... i heard about 2 situations where someone was sued by Jelsoft, and they were major cases, not some fan site.
D- i usually check if the GYSN version is safe when they release it... easy, vBulletin backdoor security is the same for 5 years, it's a single line edit in 3 locations. the only bug i have is the install authentication process that GYSN created... completely pointless, but i suppose they wanted to make a stunt...
that's all...
did i mention any legal thing that could make Jelsoft sue me?!.. nope!
2- none have any action inside the script
3- none is identifying your mother
A- if you are unlicensed to vbulletin.com, your site may be tracked by their piracy engine to check the validity of your site and if it is proven that your forum is pirated, they send a notice to your host to shut your site down. You also receive a notice to purchase a license OR close the forum. it's not taken in a single minute, they let you choose to become legal or die... they know that 50% of the reported nulled forums will purchase a license because the software is too great to loose, so they let you a moment-- for that, you have to have an original email you are using with your domain registration, because that is where they will contact you *(whois)
B- the backdoor scripts are sending vbulletin.com a checkup code each time it is activated, and if your domain fit with no license, they are alerted. IF you have a nulled version that do not send that checkup, there is no chance vbulletin.com will detect you that way... they have other means.
C- they never sue you, they force your host to close your forum, that's all... i heard about 2 situations where someone was sued by Jelsoft, and they were major cases, not some fan site.
D- i usually check if the GYSN version is safe when they release it... easy, vBulletin backdoor security is the same for 5 years, it's a single line edit in 3 locations. the only bug i have is the install authentication process that GYSN created... completely pointless, but i suppose they wanted to make a stunt...
that's all...
did i mention any legal thing that could make Jelsoft sue me?!.. nope!
This comment is disrepectful to GYSN which is something not allowed here!
(however unintentional it is)
The keygen (I assume thats what you are talking about) does have a purpose, if you have nosey hosts that check your files and they do not see a l/n then they will know you are running nulled software or ask you to verify the legitimacy of it which of cause you can not do, where as if they do see a l/n they will probably think nothing of it and leave you alone.
This may seem insignificant but it is still handy extra protection.
toniboni88
New Member
I did not understand this
Sorry, but I'm italian and I don't speak english very well...
and this:nexia said:
nexia said:
Sorry, but I'm italian and I don't speak english very well...
My comment was not disrespectful... the interpretation could be, but that was not the case.
also, if you consider the word stunt as an insult, please consider reading the dictionary... the keygen is actually stunting the host, which is exactly what you explained, what i named without details... so where am i wrong?
the word pointless maybe? the script/keygen itself can easily be surrounded by making it automatic when generating a authentication license number.
and btw, if a host is checking your authenticate.php file, maybe it's time to have a move and delete the /install/ directory after installation, like it is always suggested for security...
the authentication number can not be used inside vBulletin itself, it is used only when you install and upgrade... so a host can not verify if you own a licensed version of vBulletin, when your /install/ path is deleted, like it is even suggested by Jelsoft..
i know it's a protection to have the keygen, noobs are everywhere... but my comment was not disrespectful.
also, if you consider the word stunt as an insult, please consider reading the dictionary... the keygen is actually stunting the host, which is exactly what you explained, what i named without details... so where am i wrong?
the word pointless maybe? the script/keygen itself can easily be surrounded by making it automatic when generating a authentication license number.
and btw, if a host is checking your authenticate.php file, maybe it's time to have a move and delete the /install/ directory after installation, like it is always suggested for security...
the authentication number can not be used inside vBulletin itself, it is used only when you install and upgrade... so a host can not verify if you own a licensed version of vBulletin, when your /install/ path is deleted, like it is even suggested by Jelsoft..
i know it's a protection to have the keygen, noobs are everywhere... but my comment was not disrespectful.
Hoxxy said:
toniboni88
New Member
nexia said:
Where is this 3 line to check?
Jelsoft have no power over the host themselves... most hosts have the possibility to refuse the request from Jelsoft when the later ask to close a nulled forum.
Jelsoft have no power over offshore hosts located in protected territories... that's what we usually see for hosts supporting nulled scripts. no police or laws can break one of these hosts... even the USA!...
Jelsoft have no power over offshore hosts located in protected territories... that's what we usually see for hosts supporting nulled scripts. no police or laws can break one of these hosts... even the USA!...
toniboni88
New Member
nexia said:
Can you tell me where is this 3 locations?please...
I would like to understand more...thanks...
nexia said:
False.
Jelsoft does in fact have power over hosts who must comply with copyright law chapter 5 contained in the united states code under title 17 (feel free to google it...)
This is why Offshore hosting is a better option.
If a country has a copyright infringement law, the companies hosting the server can in fact be held responcible for the content (Hence the case against the famous torrent site "Piratebay"). This is why most hosts will shut you down if reported. They do not want to get sued.
If jelsoft feels you are earning enough money off of a nulled version of their site & they are aware of it, they will shut you down. Simple.
I agree with you Hoxxy. But, some hosts have a TOS or User Agreement. Which will state "we are not allowed to access a customers files without their permission".Hoxxy said:
That way if a server tech views your files, they basically null and void the agreement. So, if you sue them they will lose the case EVEN if your using nulled software.
It depends on the hosts TOS and other agreements. Some hosts say they CAN view your data anytime and some say they won't. You need to read the fine print.
- Status