Not sure if my site has been hacked but when i view the page source at the bottom of most pages i can see links to a load of other sites?....Have i been hacked? How do i remove these links? Are they dangerous?
www.fabcards.ie
Latest News: (loading..)
0
11 replies to this topic
#2
DunWeb
-
- Members
- 12,822 posts
The Censored One
- Real Name:Chris
- Gender:Male
- Location:Ontario, Canada
Posted 08 August 2012 - 03:23 PM
@fabcards
I don't see any signs of hacker activity and the only thing I see loaded remotely is your Google Analytics.......
Chris
I don't see any signs of hacker activity and the only thing I see loaded remotely is your Google Analytics.......
Chris
:|: Was this post helpful ? Click the LIKE THIS button :|:
See my Profile to learn more about add ons, templates, support plans and custom coding (click here)
See my Profile to learn more about add ons, templates, support plans and custom coding (click here)
#3
Posted 08 August 2012 - 03:31 PM
but when i view source at the bottom i get a load of rubbish like
<!-- [90cbc035f8d7ea32fbc6434d3ce91443 --><!-- 8428386921 --><a href="javascript:document.getElementById('block28').style.display='block';" title="more"> </a><div id="block28" style="display:none"><ul><li><a href="http://notwriting.com/commentary_111002.htm?cheap_pill=774">how much does mobic cost</a></li><li><a href="http://notwriting.com
Lookign at my files on the hosting server i see some files in the catalog/pub directory that i dont see on my local copy. viewed some of these files and inside mentions a pakistan hacker???There are two new folders in there Bomba and Bomba1 and inside these are aload of files with no file type so i cant seem to do anything with them...download nor delete.....am i safe enough to delete these folders or could this bring down my site altogether?
<!-- [90cbc035f8d7ea32fbc6434d3ce91443 --><!-- 8428386921 --><a href="javascript:document.getElementById('block28').style.display='block';" title="more"> </a><div id="block28" style="display:none"><ul><li><a href="http://notwriting.com/commentary_111002.htm?cheap_pill=774">how much does mobic cost</a></li><li><a href="http://notwriting.com
Lookign at my files on the hosting server i see some files in the catalog/pub directory that i dont see on my local copy. viewed some of these files and inside mentions a pakistan hacker???There are two new folders in there Bomba and Bomba1 and inside these are aload of files with no file type so i cant seem to do anything with them...download nor delete.....am i safe enough to delete these folders or could this bring down my site altogether?
#4
geoffreywalton
-
- Community Sponsor
-
- 8,055 posts
Contact me for Support
- Real Name:Geoffrey Walton
- Gender:Male
- Location:Norfolk, UK (close to the centre of the universe)
Posted 08 August 2012 - 03:38 PM
It does look like you have been hacked.
There are loads of posts listing what you need to do to cleanse your site and block the known route the hackers can use on unsecured site.
I have PM'd some usefull info.
Cheers
G
There are loads of posts listing what you need to do to cleanse your site and block the known route the hackers can use on unsecured site.
I have PM'd some usefull info.
Cheers
G
Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
#5
DunWeb
-
- Members
- 12,822 posts
The Censored One
- Real Name:Chris
- Gender:Male
- Location:Ontario, Canada
Posted 08 August 2012 - 04:12 PM
:|: Was this post helpful ? Click the LIKE THIS button :|:
See my Profile to learn more about add ons, templates, support plans and custom coding (click here)
See my Profile to learn more about add ons, templates, support plans and custom coding (click here)
#6
Posted 08 August 2012 - 04:57 PM
this is a page im viewing the source of
http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63.
Maybe its only on some pages
http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63.
Maybe its only on some pages
#7
Posted 08 August 2012 - 04:58 PM
A few years ago there was a hack going around that only displayed the hack links if you were a web bot indexing a site.
The hack had the IP addresses of all the major search engines and only spit out the extra links if the IP of the visitor matched one on their list.
The only way for the "average joe" to see the links was to view g00gle's cache of the site.
Somehow the cache isn't always available on g00gle now like it was a few years ago.
The hack had the IP addresses of all the major search engines and only spit out the extra links if the IP of the visitor matched one on their list.
The only way for the "average joe" to see the links was to view g00gle's cache of the site.
Somehow the cache isn't always available on g00gle now like it was a few years ago.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
#8
Posted 08 August 2012 - 05:00 PM
fabcards, on 08 August 2012 - 04:57 PM, said:
this is a page im viewing the source of
http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63.
Maybe its only on some pages
http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63.
Maybe its only on some pages
Definitely hacked.
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
#10
Posted 08 August 2012 - 08:15 PM
Find the hack file(s) and remove it(them).
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >
#11
Posted 09 August 2012 - 08:37 AM
Looking at my files on the hosting server i see some files in the catalog/pub directory that i dont see on my local copy. viewed some of these files and inside mentions a pakistan hacker???There are two new folders in there Bomba and Bomba1 and inside these are aload of files with no file type so i cant seem to do anything with them...download nor delete.....am i safe enough to delete these folders or could this bring down my site altogether? I dont want to risk downloading the folders to my local computer but am afraid if i delete i may mess up my whole website????
#12
geoffreywalton
-
- Community Sponsor
-
- 8,055 posts
Contact me for Support
- Real Name:Geoffrey Walton
- Gender:Male
- Location:Norfolk, UK (close to the centre of the universe)
Posted 09 August 2012 - 09:17 AM
You can always zip up your site and keep a "security" copy.
But if "someone" had added them you definately don't want to keep them on your server.
Cheers
G
But if "someone" had added them you definately don't want to keep them on your server.
Cheers
G
Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
