Re: Unwilling phishing site host

Posted by Robin Faichney on 04/11/07 18:41

Thanks for all the comments. I've notified the webhost about register
globals being enabled and I've received the following explanation of
what seems to have happened.

"I still think it is that contact.php page. I am almost certain that
the hacking was done through the website and not FTP or another method.
My guess would be that there is a security flaw somewhere in that
contact.php which is allowing file uploads even though it is disabled.
This is backed up by a quick search on google for
"Free-php-Scripts.net contact.php" (as that's the author site given in
the script) for which the results are:
http://www.google.co.uk/search?hl=en&q=Free-php-Scripts.net+contact.php&meta=

One of the entries (there are also other similar ones) is this, which
lists a security flaw in that script:
http://xforce.iss.net/xforce/xfdb/29874

As this is a known vulnerability, hackers probably scanned the internet
for any site using it that they could compromise. There is also a file
called c99.php on your site which is a script designed to help hackers
do whatever they wish
( http://www.google.co.uk/search?hl=en&q=c99.php&meta= ). My guess is
that this is the file that was uploaded using the security flaw in the
script. Once this was uploaded, they then used it to upload their
phishing scam etc. You should remove this c99.php file before the site
goes back online and check all other files in case of additional
changes the hackers made."
--
<http://www.robinfaichney.org/>

 
