XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. XOOPS general usage questions 
  4.  / I have been hacked - Need Help
Register
1
fadius
I have been hacked - Need Help

  • 2008/5/3 12:00

  • fadius

  • Just popping in

  • Posts: 10

  • Since: 2005/5/6 4


My site has been hacked and I would like some opinions as to how it may have been hacked so I can attempt correct it.

http://www.pitbrotherspaintball.com

I also forgot what version of XOOPS I used and this is the first of any of my sites that has been hacked.

Any insight would be helpful.
2
maxxy
Re: I have been hacked - Need Help

  • 2008/5/3 12:27

  • maxxy

  • Quite a regular

  • Posts: 286

  • Since: 2007/6/11


Read this guide..
https://xoops.org/modules/smartfaq/faq.php?faqid=621

Make sure you install latest protector module
http://xoops.peak.ne.jp/
https://xoops.org/modules/newbb/viewtopic.php?topic_id=63726&forum=28&post_id=288016#forumpost288016
3
stefan88
Re: I have been hacked - Need Help

  • 2008/5/3 13:00

  • stefan88

  • Community Support Member

  • Posts: 1086

  • Since: 2004/9/20


Hi,

for the version part - check the version.php file in include folder.

Make a backup of database and files first!

Notify your hosting provider. Obtain a copy of server logs if you can.

Then to xoops. Delete all files except index.html in "templates_c" folder and see if that fixes the problem...
..
4
avtx30
Re: I have been hacked - Need Help

  • 2008/5/3 13:18

  • avtx30

  • Not too shy to talk

  • Posts: 181

  • Since: 2006/10/12


Quote:

I also forgot what version of XOOPS I used and this is the first of any of my sites that has been hacked.

Any insight would be helpful.


No way!! You admin cannot remmember your XOOPS version then how could others can help you on security???
Xoops Demos:
http://www.nhatban.net/info/a0021.html
5
phppp
Re: I have been hacked - Need Help

  • 2008/5/3 13:23

  • phppp

  • XOOPS Contributor

  • Posts: 2857

  • Since: 2004/1/25


It is very likely not through XOOPS.
One year ago there were some sites hacked like this, later on it was found out the hack was through a forum software.

Check with your server admins.
6
Anonymous
Re: I have been hacked - Need Help

  • 2008/5/3 13:35

  • Anonymous

  • Posts: 0

  • Since:


Hi fadius,

Delete all files ( php ) inside /templates_c and cache folders ( make backup from adminmenu.php ).

then add .htaccess file to the /templates_c, /cache and /uploads folders with this code:

AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
7
trabis
Re: I have been hacked - Need Help

  • 2008/5/3 13:36

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


Be aware of the security on your home PC.
Ftp passwords can be recovered with malicious software.
8
McDonald
Re: I have been hacked - Need Help

  • 2008/5/3 17:33

  • McDonald

  • Home away from home

  • Posts: 1072

  • Since: 2005/8/15


@fadius,

Can you give us a list of the modules + version you have installed?
Also some editors like Spaw are unsecure.
If don't have installed Protector, than do so.
9
orgunozcu
Re: I have been hacked - Need Help

  • 2008/5/3 18:57

  • orgunozcu

  • Not too shy to talk

  • Posts: 136

  • Since: 2005/9/1 5


http://www.pitbrotherspaintball.com/modules/myAds/ Myads module is safe? i advice search in xoops.org and google.. ? dont think your myads is safe.
www.cancer-aids.net

www.cinselliksaglik.com

www.konyaninsesi.com
www.psikolojikdanisman.org
www.xoopshocasi.com
10
preachur
Re: I have been hacked - Need Help

  • 2008/5/4 0:12

  • preachur

  • Just can't stay away

  • Posts: 525

  • Since: 2006/2/4 4


The old MyAds module isn't secure, but there is a better and frequently updated classified ads module available athttp://www.jlmzone.com

It rocks.
Magick can never be restrained, but when freely given is thrice regained!

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

184 user(s) are online (118 user(s) are browsing Support Forums)

Members: 0

Guests: 184

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Apr 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits