Quote
radiofreebcj wrote:
So, if this is a problem that others have seen...is there a way to fix it? ...
Quote
bite wrote:
I remember I wanted to create sniffer who will log visitors ip, and all what he did on website, such thing would remove gap from whats going on with PHPFusion panels in less than 5 mins you would be able to find every hacker move, however Starefossen forbid me from creating such script, so lets continue thinking what it is page owners fault.
Quote
blueadept wrote:
Even though you may have fixed this by now, I thought I would chime in.
I had my site hacked this way. It means that your site was compromised and they have your admin passwords.
I am usually good with keeping up with the changes to ver 6 (and am still using 6 since I have too many mods that wont work with 7). From what I could tell it was the search.php? from several versions back that was used to grab your password hashes. I didn't notice it until a couple days after I upgraded to the lastest version of 6. The person doesnt change anything on the site except add that invisible weblinks file. His way of getting your passwords probably has been fixed, but he had been doing this for a while without me knowing.
It wasn't until I was changing a mod after I had upgraded that I noticed when I viewed the site's code that I had been hacked. Since nothing had been noticably changed, it went on for quite a while unnoticed.
Changing or deleting that file will not help because if you watch your logs, he will come back and repost it.
Suggestions on how to permanently fix this, upgrade to the newest version of 6. CHANGE ALL YOUR ADMIN PASSWORDS! I changed mine, but my brother never changed his so they stopped using my password and started using his. It proves that they had ALL the passwords for all the users.
Category Forum
Official Core Support - 6Labels
None yet
Statistics
0 participants
Notifications
You are not receiving notifications from this thread.
Related Questions