orentraff.cn hacker?
Asked Modified Viewed 5,525 times
asked
Hi people..
When i navigate trough my sites i see a unknown address appearing for a fraction of a second,it mostly appears when i use the back & forward buttons in my browserwindow.
I used Google to know more about that orentraff.cn domain and it seems it is a domains that's hosted in China and that it is some kind of hacker.
But no idea what this hack (if it is a hack) does.
I can't find any damage or alterations that was done to my sites.
Anyone else that experienced this problem?
This is what i found using Google:
"orentraff.cn is a domain name. The code was calling something from
another server into an invisible iframe. That something is probably
malicious."
When i navigate trough my sites i see a unknown address appearing for a fraction of a second,it mostly appears when i use the back & forward buttons in my browserwindow.
I used Google to know more about that orentraff.cn domain and it seems it is a domains that's hosted in China and that it is some kind of hacker.
But no idea what this hack (if it is a hack) does.
I can't find any damage or alterations that was done to my sites.
Anyone else that experienced this problem?
This is what i found using Google:
"orentraff.cn is a domain name. The code was calling something from
another server into an invisible iframe. That something is probably
malicious."
Edited by Puma on 29-05-2008 03:25,
Xessive
Xessive 10
I am not always right, but I'm never wrong.
http://www.xessive.nl
http://www.xessive.nl
- Senior Member, joined since
- Contributed 327 posts on the community forums.
- Started 4 threads in the forums
Quote
MrSimple wrote:
What can we do to prevent this injection to our sites?
Make maincore unwritable? Remove custom pages? Or something else?
run the latest en completely un-modded version of PHPFusion...
Whenever you use a infusion from 3rd party the chance is there that some code
will be unsafe and vulnarable to SQL injections...
I don't know if there's a tool of some kind which can check PHP code for
sloppy code which makes SQL injections possible.
If someone knows about such a tool please post it here..!!
muscapaul
muscapaul 10
Paul
Time flies like an arrow, fruit flies like banana (Groucho Marx)
Sites: Diptera.info (site owner); Online-Keys.net (site owner); Sciomyzidae.info (site co-owner); muscapaul.com (defunct; site owner)
Time flies like an arrow, fruit flies like banana (Groucho Marx)
Sites: Diptera.info (site owner); Online-Keys.net (site owner); Sciomyzidae.info (site co-owner); muscapaul.com (defunct; site owner)
- Veteran Member, joined since
- Contributed 1,075 posts on the community forums.
- Started 8 threads in the forums
Quote
MrSimple wrote:
What can we do to prevent this injection to our sites?
Make maincore unwritable? Remove custom pages? Or something else?
In v6 a hacker only needs the password of an administrator with Custom Page access to be able to do this. In v7 it will be more difficult to do the same thing as the culprit needs to acquire two passwords: a login password of an administrator and that admin's admin password that he/she has set to perform a number of admin actions (among those work on Custom Pages). Another new security feature in v7.
starefossen
starefossen 10
www.postexus.com - Follow Postexus on Facebook.
- Senior Member, joined since
- Contributed 359 posts on the community forums.
- Started 20 threads in the forums
Prevent your site from getting hacked:
1. Allways run the latest and greates version of the system (PHPFusion)
2. Be carefull with infusions / mods made by 3. party.
3. Never give custom pages / panels access to admins who don't need it. Only give such access to those you trust.
4. MySQL, FTP and your admin user password must be different!
5. Change all passwords on a regular basis
6. Never use your admin user password as a user password at another site!
1. Allways run the latest and greates version of the system (PHPFusion)
2. Be carefull with infusions / mods made by 3. party.
3. Never give custom pages / panels access to admins who don't need it. Only give such access to those you trust.
4. MySQL, FTP and your admin user password must be different!
5. Change all passwords on a regular basis
6. Never use your admin user password as a user password at another site!
answered
For dealing with the cracker / script kiddie just send homdax on a trip to china.
(like he did with the turkish ones :P )
(like he did with the turkish ones :P )
answered
Sorry, not going to China until later this year for Olympics System Support Crack Down.
Category Forum
Official Core Support - 6Labels
None yet
Statistics
- Views 0 views
- Posts 26 posts
- Votes 0 votes
- Topic users 12 members
0 participants
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions