News - Features - Downloads - Forum - Team - Support - Switch View: Screen
Login - Registrierung - Passwort vergessen

Antworten: 18
Seite [1]
esse999


Beginner




Beiträge: 8
# Thema - 03.11.2011 um 21:41 Uhr
I installed the CMS two week ago, in a non primary folder, a testing folder in the second level but today someome hack my index page of CMS.

How can I prevent this?

They hacked my website more faster than i used the old phphnuke!

PS: the version is 2011.2


Zuletzt editiert von esse999 am 03.11.2011 um 21:41 Uhr (1x Editiert)
Inaktiv
ichraffsnicht ClanSphere Team

Supporter
Supporter



Herkunft: Erdeborn bei Lutherstadt Eisleben
Beiträge: 3191
# Antwort: 1 - 03.11.2011 um 21:52 Uhr
link to this page? logs? more infos?

its like: "hey, someone has knocked on my door! Who is it?"

please give us more infomations!


------------------



Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 2 - 03.11.2011 um 22:09 Uhr
The website is www.deltalasertag.it/dlt

I did set a more restrictive access for users and guests but nothing.

the install files was removed


Inaktiv
|
palle ClanSphere Team

Supporter
Supporter




Beiträge: 3073
# Antwort: 3 - 03.11.2011 um 22:14 Uhr
਀㰀䠀䔀䄀䐀 ...

Is this the same as phpnuke?


------------------
I like the part where it says 'nyan'



Zuletzt editiert von palle ClanSphere Team am 03.11.2011 um 22:23 Uhr (2x Editiert)
Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 4 - 03.11.2011 um 22:23 Uhr
It was an example, phpnuke was an old cms i used years ago with high level of hacking.

However i don't understand how they find my website, i uploaded 2 week ago and i never sent links o visibility.


Inaktiv
|
Jam2 ClanSphere Team


Highlander





Beiträge: 3291
# Antwort: 5 - 03.11.2011 um 22:24 Uhr
I don't think that they have hacked your ClanSphere installation. I think they hacked your ftp (trojan....)

btw. reupload index.php, change ftp passwd, check antivir, ect.

However i don't understand how they find my website, i uploaded 2 week ago and i never sent links o visibility.

Google ?


------------------
Gruß/ Best regards
Jam2

Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes)
Template Switch for index.php
Board Navlist last posts

Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota.....
Edi: hö ?
Jam2: nichts ist unmöglich!


Zuletzt editiert von Jam2 ClanSphere Team am 03.11.2011 um 22:25 Uhr (1x Editiert)
Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 6 - 03.11.2011 um 22:25 Uhr
We are using a joomla CMS in parallel and it's not hacked or modified


Inaktiv
|
Jam2 ClanSphere Team


Highlander





Beiträge: 3291
# Antwort: 7 - 03.11.2011 um 22:28 Uhr
So on... We need Server Logs

you should now do -> reupload index.php -> deactivate "explorer"-modul (only with this modul someone can edit datas in clansphere) -> change pws


------------------
Gruß/ Best regards
Jam2

Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes)
Template Switch for index.php
Board Navlist last posts

Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota.....
Edi: hö ?
Jam2: nichts ist unmöglich!


Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 8 - 03.11.2011 um 22:33 Uhr
03.11.2011 um 22:28 Uhr - Jam2:
So on... We need Server Logs

you should now do -> reupload index.php -> deactivate "explorer"-modul (only with this modul someone can edit datas in clansphere) -> change pws


Ok, for server log i need to tell to my provider. i think and i hope i was the explorer module exploit.


Inaktiv
|
Jam2 ClanSphere Team


Highlander





Beiträge: 3291
# Antwort: 9 - 03.11.2011 um 22:35 Uhr
iI don't know any exploit of explorer modul. only if index.php have got something like chmod 777 it is possible to change it with explorer modul


------------------
Gruß/ Best regards
Jam2

Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes)
Template Switch for index.php
Board Navlist last posts

Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota.....
Edi: hö ?
Jam2: nichts ist unmöglich!


Inaktiv
|
ev0lution


Geekboy





Beiträge: 1103
# Antwort: 10 - 03.11.2011 um 22:58 Uhr
i dont its truth. u would be the first one ...


------------------


Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 11 - 03.11.2011 um 23:09 Uhr
well, we haven't heard of a clansphere hack for many month now, but i won't guarantee 100% security. on the other hand we should - at first - try to find out what happened in detail.


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 12 - 03.11.2011 um 23:36 Uhr
Refresh my link, they uploaded a image..........


Inaktiv
|
kerryj88


Try to beat me




Herkunft: Northampton
Beiträge: 107
# Antwort: 13 - 04.11.2011 um 10:09 Uhr
you sure you chmod correctly
on my server the chmod is the opposite to what is recommened on csphere instructions


------------------
www.b2g-clan.co.uk
European PS3 Clan


Inaktiv
|
ichraffsnicht ClanSphere Team

Supporter
Supporter



Herkunft: Erdeborn bei Lutherstadt Eisleben
Beiträge: 3191
# Antwort: 14 - 04.11.2011 um 13:08 Uhr
@kerryj88 opposite chmod-settings? i think you are crazy ;-)


------------------



Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 15 - 04.11.2011 um 14:10 Uhr
clansphere does only need 755 or higher for the uploads directory and recursive directories in it, depending on the webserver configuration. for other files / directories even 644 and lower can and should be enough.


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
kerryj88


Try to beat me




Herkunft: Northampton
Beiträge: 107
# Antwort: 16 - 06.11.2011 um 00:03 Uhr
04.11.2011 um 13:08 Uhr - ichraffsnicht:
@kerryj88 opposite chmod-settings? i think you are crazy ;-)


mine are 644 as 755 doesnt work
no idea why but i cant even install files with 755


------------------
www.b2g-clan.co.uk
European PS3 Clan


Inaktiv
|
esse999
Thread-Ersteller


Beginner




Beiträge: 8
# Antwort: 17 - 14.11.2011 um 10:36 Uhr
I thi nk the problem was the explore module, without it all running good. We received more attacks but all stopped without problem. We disabilited the module.


Zuletzt editiert von esse999 am 14.11.2011 um 10:36 Uhr (1x Editiert)
Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 18 - 14.11.2011 um 20:32 Uhr
the explorer mod can be removed from clansphere without any issues, but clear the cache afterwards.

if you get more details or urls on how they tried to hack you please provide them to us so that we can work on a fix.


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
Antworten: 18
Seite [1]


Sie müssen sich registrieren, um zu antworten.


ClanSphere Project - Mailus - Imprint - Disclaimer - Scriptinfo