>> Site Map >> Forums >> PHP-Nuke Security
Forum module - topics in forum:
PHP-Nuke Security - Been hacked? or have a question about securing your site, here's the place.
Site "HacKed By MyDooM"
My phpNuke site has been hacked. The site now says "HacKed By MyDooM | TuRKiSH HaCKeR". Then after 5 seconds the page forwards on to a porn site.
After looking in google for "HacKed By MyDooM" this seems to be a common hack. Can anyone supply me with instructions on how to fix this.
Thanks.
What is your site url?
Are there any authors added to the authors table?
Which PHP-Nuke version? Below 6.5?
Recommended to install Sentinel or Protector. It won't help you with this one, but after you should definatly install it.
BL
And as far as the redirect goes they usually just add code to the footer section in the db.
Visit your db and find the nuke_config table and it should be in the footer section.
Agree, but I'm also thinking of an added news story.
BL
I renamed the root phpNuke folder to stop the website working but if you goto http://hullsavoyards.co.uk/html_qwe/ you can see what it does.
The phpNuke version is 7.2.
I will check the database tables you advised and install Sentinel or Protector after it's fixed.
Will they now know my passwords, or is it just an exploit to insert data into the database?
Thanks for your responses.
| Code: : |
| <html><head><title>HacKed By MyDooM </title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head><body><p><div align="left"><font size="11" face="Geneva, Arial, Helvetica, sans-serif"><strong><font size="+60"><h1>HacKed By MyDooM | TuRKiSH HaCKeR <h1></font></strong><br></font><font size="7" face="Geneva, Arial, Helvetica, sans-serif"><br><b> </font></p><p align="center"><font size="6" face="Geneva, Arial, Helvetica, sans-serif"><img src="http://img380.imageshack.us/img380/9936/asiasiasiben4448qi.jpg"></font> </p><br><h4>Ne MUtlu Türküm Diyene!!! mikrosoftmail@hotmail.com <h4><br></body></html></td></tr></table></div> <body bgcolor="#000000"> <meta http-equiv="refresh"content="3;URL=http://sakura_34.sitemynet.com"> <p align="center"><font color="#FFFFFF"></font> |
In the footer as I said.
Check your nuke_authors table in the db for added admins too.
