My site was hacked

I have cleaned up the thread codewise. If you lack something you considered important, well I removed it. We can not risk any AV company detecting and going bananas over this site. PLEASE BE CAREFUL WITH CODE USED IN HACKS OR EXPLOITS.

Peoples! Use pastebin or something like for these codes, please.

I got hacked again :D ..
The same files, the same thing..

Well I could only guess why... Insecure add-ons/modifications, wrong server settings or a combo... Sorry to hear that.

Why hasn't this site been breached? - if it's within fusion.... I've been skeptical but this site has almost never had issues... or they've never admitted it

MeTRoiD did you cleaned your site? DB, files, changes, passwords?

NO :D .. I guess needed to :D ..
Ah.. Will do that now..

my problem ... spam email.. i need help

@alecxz, that is not related to this issue, please make a new thread.

@Tyler, dont go all conspirational on us here hey, we have been hacked, several times, so have sites of mine. There is no reason whatsoever to not admit to that, since 1) if the site is down, it is down rite? and 2) why would we not improve PHPFusion's code if we ourselves may be hacked if not doing so? I know that this site have been down on and off the last year, but as far as I know and have been told it has always been server related issues. You have my word on that.
Domi has spent a great deal of time recently cleaning up and securing the server and even if there may be some odd task left there, we will most likely not suffer from unplanned server related downtime again.

I do not know if the fact that we are currently on our own hosted Virtual Private Server may give us the ability to have a slightly better security, have not looked in to that a lot, but I think it is safe to assume that may be the case.

Hacked again. Version 7.02.06, Fusion Scan doesn't work... :|

Richard, I was saying the complete opposite of what you were talking about.

I said if there was a flaw in fusion this site would be the first to be breached. Like I said I didn't think this site has been hacked but for all it could of just not been announced.

All I was trying to say is if fusion had faults it would show on this site not just people whom use fusion. That's why I blamed it on insecure add-ons/mods, server settings or both....

You misunderstood me.


For those of you who've been hacked you need to do as other have told you: Change all your passwords. Furthermore you need to make sure every file is removed. Files can be hidden where you aren't going to look and it can be costly if you don't remove them all.

Oops... paranoid thinking...;)

And again... Today hacked only articles.php...
Fake files deleted, all passwords changed. What else?:|

to delevopers:

i can try to apply some improvments for security


change to

differrent cookie name for users and admins (setted by user).
if it was done before, this injection wasn't injure any site.

1 - Address Site Hacked
2 - zone-h.org mirror
3 - Install Only one CMS
4 - trust hosting

then say my php-fusion site hacked

Maybe the developers off PHPFusion missed to contact der NSS sites to puplic this BIG secuity misstake. click

It can not be true that somebody fixed this misstake and there is no Sorry or a try to make Users update there pages...

Now everybody is crying because nobody said there is a Secuity problem this big!

I'm very ****ed because nobody tryed to do somethink...



"several vulnerabilities"

Heeeellooohooooo after that I never Update my Page But when there is a:

[size=20]"WARNING: We make a big misstake (since v7.02.01) that allow others to access in every Account on your Website please Update"[/size]

Then I run faster to my site to Update as to my presents under christmas tree.

Yeah wuheeey. But how long we had v7.02? We need a bigger Announcement as "several vulnerabilities" as German I had to Google what that mean at first.

See what official NSS Germany said to that:
http://phpfusion-support.de/news.php?readmore=496

Austria the same:
http://php-fusion.at/news.php?readmore=23

Why did nobody talked to them to say there is a big security problem?

Edit: Where's Craigs Post? O.o

Hi there Sunflow,

I removed my post as I thought maybe my information was not accurate enough.

I hope you can resolve your issues, please carry on!

I would like to offer you My Sincere apologise for posting possibly inaccurate information.

Kind Regards
Craig

I personally warned all Russian users of the vulnerability and immediately updating

I understand your concern, but I would like to see the code so I can scan for it on my server.
I think only if this site performs malicious actions those AV boys goes bananas. Showing the code to warn people I think not.

To compromise: Isn't it possible to show the code only to members? That way searchengines and AV companies won't see the code.

I'll be happy to make a BBCode for that.

this bb-code is already there