My site is hacked again :(: The Chill Out Zone

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Welcome. please help from you. My site was attacked again by putting strange code of PHP code. Sorry for English. it looks like this:

Code Download source

<?php                                                   eval(base64_decode("ZXJyb3JfcmVwb3J0a - part of code removed due to security reasons "));

Unfortunately, colleagues from the Polish forum posts and cancel my account blocked me. Looking for help to protect against attacks.

Forum is here to help each other and not just to closing down the account. Not everyone is a guru of fusion. I think we should help each other. Polish colleagues can only ban. Unfortunately this is strange.
Additionally, in my current post entered a hidden message. This is sad: (

thanks leszcz33 of Polish

Edited by leszcz33 on 22-10-2011 20:13, 13 y

0 replies

It was only index.php, or another files was corrupted too?

0 replies

Quote

PolarFox wrote:

It was only index.php, or another files was corrupted too?

all php files :(

0 replies

Wrong permissions on all files, or you have got a trojan inside your pc.

0 replies

Quote

PolarFox wrote:

Wrong permissions on all files, or you have got a trojan inside your pc.

No my computer is free . Protected with NIS2012 and all permission is good.
I change all passwords ; FTP and passwords for site and wait what happend :)

0 replies

Error because you have Total Commander in the earlier version, which is dangerous to use users.

0 replies

Quote

krystian1988 wrote:

Error because you have Total Commander in the earlier version, which is dangerous to use users.

No i dont use TotalCommander

I still have a problem . Please help
Still haks my site .

0 replies

Which version of PF you've got?

0 replies

A site link would be handy?

0 replies

Quote

hoopak wrote:

Which version of PF you've got?

7.01.06

0 replies

Quote

Fangree_Craig wrote:

A site link would be handy?

http://dolaczdonasprzedszkolaku.org

This page about children and kindergarten ......... I am surprised an attack on such a page.

Now the site is inactive. Server administrators trying to determine the source of attacks.
I have no idea last attack was online and append the code for "my eyes"
I do not have viruses and do not use any TotalCommander.
Changing passwords gave nothing.
On the server, two files have written yet phpinfo.php and phpinfo.php5 do not know where I placed them there

Edited by leszcz33 on 27-10-2011 18:14, 13 y

0 replies

What plugins/mods do you have?

btw try this http://www.freedrweb.com/cureit/?lng=en also

0 replies

Quote

PolarFox wrote:

What plugins/mods do you have?

btw try this http://www.freedrweb.com/cureit/?lng=en also

standart plugins/mods I have

0 replies

Can you send me your logs from the server?

0 replies

Quote

PolarFox wrote:

Can you send me your logs from the server?

My server provider changed. I now have a different IP. Page works ok so far

what logs should I send?

0 replies

Access logs, error logs , if you have it.

0 replies

I have been using phpfusion for last 6 years, and the security fixes has been better and better. all you dev remember to use access security check before processing any $_post or $_get function. addslashes to all text boxes and it will be fine. the main core.php is so far much superior to joomla.

0 replies

My site working good when my provider change serwer and IP

0 replies

Category Forum

Announcements & Security Issues

Labels

None yet

Statistics

Views 0 views
Posts 17 posts
Votes 0 votes
Topic users 6 members

6 participants

Notifications

Track thread

You are not receiving notifications from this thread.

My site is hacked again :(

17 posts

PHPFusion

Resources

Community

Development