Jump to content


Photo

Index.php file (was hacked)


  • Please log in to reply
6 replies to this topic

#1 MSF

MSF
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 05 September 2006 - 02:29 PM

Okay,

Hopefully this is the right place.  I am searching for help with how my index.php file was hacked (h4x0r3d by BadgeR).

The only PHP I am running is some IPBSDK addon that works with by Invision PowerBoard.  There is nothing else too it.  :'(

I have done web searches for PHP security issues and double checked my code accordingly.  Nothing, YET!


Does anyone have any feedback on why/how/etc. PHP files get hacked like this?

Thank you kindly

#2 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 05 September 2006 - 02:42 PM

Could you provide us with a link and source codes?

#3 MSF

MSF
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 05 September 2006 - 05:14 PM

It was my Guild's website (WOW Guild).

www.blackfangbrotherhood.org

Do you want to just see the PHP stuff?  Or?

#4 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 05 September 2006 - 05:15 PM

Dont use Invision Board
I typed that in google once,
and before the Invision Board Home Page was a how to hack Invision Board
Tell me the problem, I will try tell you the solution

#5 MSF

MSF
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 05 September 2006 - 05:45 PM

Dont use Invision Board
I typed that in google once,
and before the Invision Board Home Page was a how to hack Invision Board


The hack wasn't to the Board itself.  It was to the Index.php file of the Main page of the website.

#6 Jocka

Jocka
  • Members
  • PipPipPip
  • Advanced Member
  • 344 posts
  • LocationDallas, Texas

Posted 08 September 2006 - 04:37 AM

More than likely he didn't use ur PHP page at all. He probably just found a way through your FTP server and uploaded some crappy "Haxored" stuff to your site to mess with you. If that's all he did, then he probably knows you. I'd change all my SERVER (ftp, site, etc) passwords immediatly.

What was the addon? I suppose you just have 1 addon? If so, what is that add-on. It may have a security issue or this "hacker" may have found an issue with it that he exploited.

#7 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 08 September 2006 - 11:42 AM

Also make sure you dont have any folder set to CHMOD 0777
Tell me the problem, I will try tell you the solution




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users