Hacked: PHPFusion 6 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

My site has been hacked. None of my username passwords work. I do not have or cannot find PhpMyAdmin. Please help.

The site is http://phynux.powweb.com/php/news.php

running v6.00.207

I could not find a solution in the forums.

Thank you

0 replies

v6.00.207 is "very" old. You should have upgraded your site ages ago. If you dont use the upgrade patches your site is in a high risk to be hacked :(

How do you know the site is hacked? It looks fine to me. Is it just your username/passwords that doesn't work? To "find" PhpMyAdmin you can contact your host, powweb.com. At many hosts you will find all you need in the cPanel (control panel, or similar).

Edited by Ken on 12-03-2009 00:13, 15 y

0 replies

Thanks for the response. Besides the password issue, there is text written over the site. It looks like ads. But I only see that in IE. In Chrome I don't see the text. I found myphpadmin and change the password but still could not get in.

as far as the version, it seems to be the only one Powweb offered. But I will upgrade if I can get the site back.

Thanks

0 replies

I installed php 7 in a new directory and it does the same thing. There are links to ads if you View Source and I cannot log in or create a new a account. This page seems to be missing in both versions.

http://phynux.powweb.com/php7/incladd.php

version 6 site
http://phynux.powweb.com/php/news.php

version 7 site
http://phynux.powweb.com/php7/news.php

suggestion?

0 replies

@phynux:
Did you installed from files which you already got in computer, or you just downloaded them from this page download section before installation?
Did you updated from the old version to newer or you freshly installed it?
And Did you placed new files over old, or you deleted old files, before uploading new files?

The only place i can think this code can be is:
themes/templaces/header.php
themes/Gillette/theme.php
Code by itself is plain HTML, but in PHP file it can be encrypted, or there will be include of another PHP file with code.

Edited by bite on 17-03-2009 04:30, 15 y

0 replies

Thanks for your help. I installed the files from a new download and into a new folder and new database. This issue was caused by someone getting access to the htaccess file and adding a script to it to call a list file.

There is still corruption with the original php site but I can log into now. The new php7 is fine now.

This was not a issue with PHP Fusion it turns out, but some getting admin access to the site.

Thanks for your help.

0 replies

I recommend you install a mod security for php for the future potential attacks.

Edited by oscars on 18-03-2009 15:10, 15 y

0 replies

Quote

oscars wrote:
I recommend you install a mod security for php for the future potential attacks.

Hi there, just reading through this thread.

This mod "security" you mention...

Is that actually a mod or infusion that exists or are you just referring to any security related mod/infusion available??

Thanks

0 replies

No it is an Apache/Linux module. You need to have full access to your server to install this.

0 replies

Category Forum

Official Core Support - 6

Labels

None yet

Statistics

Views 0 views
Posts 8 posts
Votes 0 votes
Topic users 6 members

0 participants

Notifications

Track thread

You are not receiving notifications from this thread.

Hacked

8 posts

PHPFusion

Resources

Community

Development