how is it possible?
they are modificated index.php
We build. You grow.
Get best community software hereStart a social network, a fan-site, an education project with oxwall - free opensource community software
my website is hacked | Forum
Carsten
Mar 19 '17
Maybe it has something to do with phpmailer ?
http://thehackernews.com/2016/12/phpmailer-security.html
https://www.wordfence.com/...ailer-vulnerability/
http://thehackernews.com/2016/12/phpmailer-security.html
https://www.wordfence.com/...ailer-vulnerability/
Onur
Mar 19 '17
they are hacked all my websites. example www.aybilgi.com
they are fucking idiot? am i killed this peoples no? so what is it problem them with me. :(
The Forum post is edited by Onur Mar 19 '17
Leader Senior Developer
Mar 19 '17
Hi Onur!
There is this news:
https://thehackpost.com/kazakhstan-hacked-anonymousfox.html
Was all your Oxwall website changed too? Or only this page?
https://www.ilkok.com/shoutbox/index/message-form-responder/
The other website is a wordpress website, so if you hadn't updated to the newest version, then maybe that's why they could do it.
Senior Developer.
Leader Senior Developer
Mar 19 '17
This is the full list of all the websites hacked by anonymousFox
http://www.zone-h.org/archive/notifier=AnonymousFox/page=1
Usually they only do a defacement, they replace the index.php for another one and you can recover your website replacing the index.php file with the one from your backup.
What can you tell us about your website? and this url?
https://www.ilkok.com/shoutbox/index/message-form-responder/
In that url we can see that they added HTML code to your shoutbox plugin's text, that's why we need to know if all the entire website was defaced, or only that url?
The Forum post is edited by Senior Developer Mar 19 '17
Carsten
Mar 20 '17
He seams quite skilled that Fox :)
So is it just the Shoutbox plugin that is hackable or is there something fundamental with Oxwall ?
So is it just the Shoutbox plugin that is hackable or is there something fundamental with Oxwall ?
Onur
Mar 20 '17
i reinstalled shoutbox. it is not more sending messages. it is redirecting https://www.ilkok.com/shoutbox/index/message-form-responder/
page
Leader Senior Developer
Mar 20 '17
I don't know if it is just the shoutbox or anything else that is vulnerable, Onur is not answering.
Which part of oxwall showed that "hacked" message? The main page? Dashboard? Shourbox widget? everything? or just parts of your website? That info is important in order to help you.
Ketil Ervik
Mar 21 '17
if one allows guests to write in the shoutbox so has focused on problems.
That said, I've never had anything hacker problem with shoutbox, yet!
But not all spam plugin works on Oxwall. The problems vary from plugin to plugins. So therefore it is today, as I see it, only a solution that works against spam: Banning IP from the server permanently. And this one must unfortunately do manually.
1. Install User IP Tracker
So you can see the users IP. And if you click on the IP link on your profile page so that you come across a page with full information.
2. When you see spam user's IP, so open cPanel, scroll down the page until you find the IP Blocker according Security. When you click on IP blocking so you come to a new page. Add IP or Range. in the empty bar, and then click Add.
This feature allows you to block a range of IP addresses two contraception themselve from accessing your site. You can also enter a fully qualified domain name and IP Deny Manager will attempt two loose two an IP address for you.
3. Delete spam user from your Oxwall.
This recipe works for me.
One can also post spam IP from the lists here: stopforumspam
Someother Oxwall plug in this context, has not yet given any satisfactory result for me!
Anyway, one must Also in various plugin write in spam IP Manually.
The Forum post is edited by Ketil Ervik Mar 21 '17
Onur
Mar 21 '17
i dont know what they are added becasuse i deleted them.
they are changed index.php and shoutbox sender files.
they are changed index.php and shoutbox sender files.
Ketil Ervik
Mar 21 '17
Have you scaning the server for virus?
Chnge the password on your admin Oxwall and your cPanel, ftp etc.
The Forum post is edited by Ketil Ervik Mar 21 '17
Theo
Mar 23 '17
Not sure if this is related but there is a vulnerabilities in PHPMailer:
/ow_libraries/vendor/phpmailer/phpmailer/class.phpmailer.php
You should patch the file: https://github.com/PHPMailer/PHPMailer/releases ;
OW-Ghost
Mar 25 '17
Not sure if this is related but there is a vulnerabilities in PHPMailer:the link not working
/ow_libraries/vendor/phpmailer/phpmailer/class.phpmailer.php
You should patch the file: https://github.com/PHPMailer/PHPMailer/releases ;
Carsten
Mar 25 '17
Sometimes, i do really not know what you're doing with a computer and a website Marcus, or whatever your name is, be course, why don't you just delete the crap at the end of the link and you're all good to go ? :)
And it's not to be mean or anything like that, but you sit here on this forum and promote yourself as a businessman with a website and you know stuff, and then you don't know this basic stuff here. It doesn't add up - just saying :)
And it's not to be mean or anything like that, but you sit here on this forum and promote yourself as a businessman with a website and you know stuff, and then you don't know this basic stuff here. It doesn't add up - just saying :)
OW-Ghost
Mar 25 '17
you know what Carsten.
you are not alone bee jealouse on me ;-) it have followed me the hole life in all work i have done there is always jealouse people that try make me look stupid like you now.
try share and do something good here instead of jump on people i not see you bring anything good here yet?
not like people like you at all...ohhh he so stupid could not see the letter in the end....please save me my brain on this guy...
The Forum post is edited by OW-Ghost Mar 25 '17
Theo
Mar 25 '17
Correct link:https://github.com/PHPMailer/PHPMailer/releases
(don't know how a space the the end broke the link)
OW-Ghost
Mar 25 '17
Correct link:https://github.com/PHPMailer/PHPMailer/releasesno problem nobody is perfect i did not see the space in end first...i just click one time that was all and later i was called stupid that did not see the space in end...:) i can not do anything then laugh at it some people have to little to do so they must jump on people.
(don't know how a space the the end broke the link)
