1
MikeShane
my xoops sites hacked
  • 2009/4/18 20:18

  • MikeShane

  • Community Support Member

  • Posts: 144

  • Since: 2008/1/5 2


I have a couple of XOOPS sites on the same server and some of them get hacked with this


"


" it is on my front pages when i view source any help on how to get rid of them
how is the iframe on my page what would put it there

[EDIT by Mamba] I've edited the name of the hacker site, as we don't want Google searches associate our Website with them.
Musicians for musicians entertaining the world, what starts as a dream can live in reality!

2
ghia
Re: my xoops sites hacked
  • 2009/4/18 23:57

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


You should warn your hoster about this. Other occurrences of this iframe insertion to indexfiles have turned out to be a server security problem as other sites on the same server were also affected, if they were XOOPS based or not.

3
MikeShane
Re: my xoops sites hacked
  • 2009/4/19 1:16

  • MikeShane

  • Community Support Member

  • Posts: 144

  • Since: 2008/1/5 2


thanks mamba did not think of that
I found that they were entries on my index.php pages three diferant sites (only php based sites) one was Joomla that I was testing with. I changed the pages and set permissions to 777
Now I will keep an eye on them though
Musicians for musicians entertaining the world, what starts as a dream can live in reality!

4
Mamba
Re: my xoops sites hacked
  • 2009/4/19 7:54

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


Quote:
thanks mamba did not think of that

I think, you meant "Ghia" instead of me
Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

5
ghia
Re: my xoops sites hacked
  • 2009/4/19 10:13

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Quote:
I changed the pages and set permissions to 777
This is for giving also write permissions and is not correct!
Normal settings are 755 for PHP files and 644 for directories and html files. Mainfile.php should be 444 and some directories as listed in the release notes should have 777.

6
MikeShane
Re: my xoops sites hacked
  • 2009/4/19 19:46

  • MikeShane

  • Community Support Member

  • Posts: 144

  • Since: 2008/1/5 2


im back i thought i had it im wrong it is still there in my one site. How can I find out where it is coming from and how to get rid of it












Powered by myxoopssite 2001-2008 my XOOPS site







this is the code at the bottom of my page
any help?
Musicians for musicians entertaining the world, what starts as a dream can live in reality!

7
MikeShane
Re: my xoops sites hacked
  • 2009/4/19 20:56

  • MikeShane

  • Community Support Member

  • Posts: 144

  • Since: 2008/1/5 2


I found out that they injected this code into every one of my index pages accociated with xoops. any idea how they did it or how to stopp it fgrom happening again
Musicians for musicians entertaining the world, what starts as a dream can live in reality!

Login

Who's Online

381 user(s) are online (285 user(s) are browsing Support Forums)


Members: 0


Guests: 381


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits