|
Donations |
|
 |
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
KevinE
Guest
|
 Posted: Thu Apr 15, 2004 2:31 pm Post subject: Web site has been hijacked by 008k.com |
|
|
It's a php web site and I am pretty sure that every current update from Nukecops has been applied to the site and now I have a high-tech review site popping porn pictures and the grab and snatch and never let you go routine. I haven't a clue about the best way to do debug a virus infected web site or even where to start looking. The redirect happens on the home page if that is anyhelp at all and according to Kapersky they are using a VB trojan of sort which must be embedded into one of the files.
Anyone offer and clues I am now on day 4 without a site and my server company says that it is my problem since I run PHP.
Thank |
|
| Back to top |
|
 |
Blast
News Admin
Premium Member
Joined: Sep 20, 2003
Posts: 1820
Location: A Kiwi in Sydney, Australia
|
| Posted: Thu Apr 15, 2004 10:51 pm Post subject: |
|
|
Is it happening on the homepage (index.php) only?
or is it happening on other pages as well?
Can you PM me the website
cheers...
_________________
Blast
---------------------------
"Timing is the essential factor in the success of any raindance"
--------------------------- |
|
| Back to top |
|
|
KevinE
Guest
|
| Posted: Sat Apr 17, 2004 12:47 pm Post subject: |
|
|
I ended up locking the door on the site after making two more repairs from backup they came and trashed over the course of two nights again. I was able to do a bit of searching on the net and found this tasty tidbit of information and I think this is the source of where my trouble came from.
http://telexxx.persianblog.com/
One trick they did use was to create addition GOD account on all SQL databases so they could play with them as they wanted to when they wanted to. The funniest part was my server company told me the first time they got in was through my site the second and third was through them and they asked me to leave since they now think PHP is a security risk, now perhaps I do as well. |
|
| Back to top |
|
|
Blast
News Admin
Premium Member
Joined: Sep 20, 2003
Posts: 1820
Location: A Kiwi in Sydney, Australia
|
| Posted: Sat Apr 17, 2004 4:48 pm Post subject: |
|
|
That would be a shame if you felt that following along with PHP wasn't worth pursuing due to someone hacking your site. Lets face it if the hackers got in through your server maybe the server is the security risk not PHP,
(or for that matter, your site)
This site is run with PHP and has stood the test of time
But in the end it comes down to what you are comfortable with
Hope it works out
cheers...
_________________
Blast
---------------------------
"Timing is the essential factor in the success of any raindance"
--------------------------- |
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
