Portal Home > Knowledgebase > Articles Database > Sites getting hacked help!
Sites getting hacked help!
| Posted by klair_di_sardari, 04-13-2010, 11:24 AM |
| Hi,
I was getting virus aleart when i open my sites, i checked every thing and found that this code got injected is on my every site header or footer or index.php on my that server, here is code:
I removed that code from everysite and changed my all passwords on that server but after few hrs code got injected again!
Anyone got idea what i have to do to be safe from this code.
Please help me.
Thanks!
|
| Posted by Imfast, 04-13-2010, 11:59 AM |
| check out the security hole in your code, it should be strong enough to escape php and sql injections, also run root kit hunter at server for any kit or malicious files on server
|
| Posted by GameFrame, 04-13-2010, 12:09 PM |
| It looks like IFRAME injection after I URL decoded your example. Does those files containing injected code have the same permission that your httpd user?
If not, your FTP/shell account has been compromised.
No offence but rkhunters and chkrootkits can only defeat script-kids default "work". Any determined exploiter makes a big laugh on those both.
|
| Posted by ServerSitters_Paul, 04-14-2010, 12:39 PM |
| What are the permissions and ownership on the infected files? Are you running php as the user or nobody? This should help you narrow it down to either an application/script vulnerability or a hacked server.
|
Add to Favourites 
Print this Article
Also Read
Shared Hosting
Shared Hosting
