1
rabideau
XOOPS security hole? Help...please...
  • 2005/2/19 14:20

  • rabideau

  • Home away from home

  • Posts: 1042

  • Since: 2003/4/25


Has anyone seen anything like the following? This appeared in a registration email notification - - has my site been hacked? Is there a security hole in XOOPS? Is there anything I should do?

Any help is appreciated.

+++ Registration email looks like this +++++++++

username has just registered!



ill your recent online pharmaceutical order.

To help you get your needed supply, we have sent this reminder notice.

Please use the refill system http://officious.onstartopper.com/?wid=100069 to obtain your item in the quickest possible manner.

Thank you for your time and we look forward to assisting you.

Sincerely,

Rudolph Dixon




albany is dirge uc densitometer ajx bourbon fj select xf morrow yg are end runway vsn
bingle tm corinth uh tarantula dt implicit yxh babel heq cohosh zt frictional sr cutesy soa agouti izf irritable hvn

2
tedsmith
Re: XOOPS security hole? Help...please...
  • 2005/2/19 14:47

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Blimey - that looks well dodgy. Not a surprise to see it's a viagra company though!

I am fairly sure that to adjust the registration e-mail, they need access to a file in your webspace, namely

/language/english/mail_template/register.tpl


(See the FAQ)

So to change that they must have hacked your actually web space as opposed to Xoops? No expert on that side of things though.

3
m0nty
Re: XOOPS security hole? Help...please...
  • 2005/2/19 14:54

  • m0nty

  • XOOPS is my life!

  • Posts: 3337

  • Since: 2003/10/24


can u check the headers/source of the email msg?

that way you will be able to tell if the mail originated from your site or whether it's just normal spam using different tactics to get thru anti-spam software..

4
rabideau
Re: XOOPS security hole? Help...please...
  • 2005/2/19 18:08

  • rabideau

  • Home away from home

  • Posts: 1042

  • Since: 2003/4/25


Hmmmmm.

The template has not been hacked.

Now to check the email headers.

The odd thing is that the person registering is a real guy who was supposed to be there. I don't think he peddles viagara. But then again it must be very profitable -- maybe we're in the wrong business?!?!?

Curious though.

Login

Who's Online

361 user(s) are online (254 user(s) are browsing Support Forums)


Members: 0


Guests: 361


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits