ioncube vulnerability in loader wizard

HaitiBrother · Apr 1, 2014

I was browsing in irc.cryto.net when I stumbled upon a user, whom will not be named who linked to a blog post which contains a Local-File inclusion vulnerability inside the ioncube loader wizard, please make sure to remove the ioncube loader wizard from your servers ASAP.

http://zoned.pw/?p=42

sv01 · Apr 2, 2014

zoned.pw? owned by curtis??

HalfEatenPie · Apr 2, 2014

Zoned.pw links are pretty pointless because they regurgitate other people's findings (and is just a script kiddie trying to act cool).

Here's a more detailed version about this:

http://www.firefart.net/multiple-vulnerabilities-in-ioncube-loader-wizard/

Basically, if you've updated your Ioncube Loader since March 4th, you're fine.

MartinD · Apr 2, 2014

So, as per, it's a load of shit over something older than Noah.

MannDude · Apr 2, 2014

sv01 said:
zoned.pw? owned by curtis??

But not to be confused with me, who happens to also be named Curtis.

If I understand correctly, the vulnerability exists if people don't follow the install instructions by removing the install files for the web-based tool? Correct?

jarland · Apr 2, 2014

I can't imagine why the loader would be accessible on any server that anyone cares about, and if it is then I imagine you could just as easily compromise them on one of their 50 Wordpress plugins that they haven't updated in 6 years.

DomainBop · Apr 2, 2014

one of their 50 Wordpress plugins that they haven't updated in 6 years.

I don't believe your bullshit story that the reason you suspended my VPS is because my WordPress got hacked and was being used in a DDoS attack! I've had those 50 plugins on my site for 6 years and I NEVER got hacked before I moved to your hosting company so it's obviously YOUR fault if I got hacked! You're a scammer for suspending my VPS and I'm going to tell everyone on WHT and LET about it!

HalfEatenPie · Apr 2, 2014

DomainBop said:
I don't believe your bullshit story that the reason you suspended my VPS is because my WordPress got hacked and was being used in a DDoS attack! I've had those 50 plugins on my site for 6 years and I NEVER got hacked before I moved to your hosting company so it's obviously YOUR fault if I got hacked! You're a scammer for suspending my VPS and I'm going to tell everyone on WHT and LET about it!

Oh gheeze.

Add Joomla to that list.

jarland · Apr 2, 2014

DomainBop said:
I don't believe your bullshit story that the reason you suspended my VPS is because my WordPress got hacked and was being used in a DDoS attack! I've had those 50 plugins on my site for 6 years and I NEVER got hacked before I moved to your hosting company so it's obviously YOUR fault if I got hacked! You're a scammer for suspending my VPS and I'm going to tell everyone on WHT and LET about it!

Are you spying on my life? Hahaha

ioncube vulnerability in loader wizard

HaitiBrother

New Member

sv01

Slow but sure

HalfEatenPie

The Irrational One

MartinD

Retired Staff

MannDude

Just a dude

jarland

The ocean is digital

DomainBop

Dormant VPSB Pathogen

HalfEatenPie

The Irrational One

jarland

The ocean is digital