X-Cart: shopping cart software

Warning: Iframe based attacks using stolen FTP access info (https://forum.x-cart.com/showthread.php?t=43161)

tradedvdshop 10-23-2008 01:32 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
Quote:

Originally Posted by manolodf
What I would do is grab a portable scanner like a portable Nod32 to run a quick scan. Some viruses do make the effort to butcher the antivirus from updating, scanning, installing etc., which is why running one from a USB drive might be a good bet to at least get a preliminary cleaning going. What FTP program do you use, and maybe was one of the quarantined files the FTP program or one of the access files that holds your FTP information? Perhaps a virus is targeting certain FTP programs and their information file, decrypting and sending them on your next attempt. Just a guess.


In fact, that might be correct. What FTP software is everyone who has been infected using? I am using FileZilla.

Paul

tradedvdshop 10-23-2008 01:41 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
Hi,
Right, I have located the problem. Can anyone help? I am getting the following error:

Call to undefined function func_generate_joins() in /home/discworld/public_html/include/search.php on line 673

So I have located the file and it says this:
$search_query .= func_generate_joins($joins);
$search_query_count .= func_generate_joins($joins_count);

$search_query .= " WHERE ".implode(" AND ", $where);
$search_query_count .= " WHERE ".implode(" AND ", $where);
if (!empty($groupbys)) {
    $search_query .= " GROUP BY ".implode(", ", $groupbys);
    $search_query_count .= " GROUP BY ".implode(", ", $groupbys);
}
if (!empty($having)) {
    $search_query .= " HAVING ".implode(" AND ", $having);
    $search_query_count .= " HAVING ".implode(" AND ", $having);
}
if (!empty($orderbys)) {
    $search_query .= " ORDER BY ".implode(", ", $orderbys);
    $search_query_count .= " ORDER BY ".implode(", ", $orderbys);
}

#
Any ideas what I need to do to solve it?

Acquamarina 10-23-2008 01:42 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
I don't think it is targeting the ftp program. I will know better when the scan is over. It will take a little while as I am going to do an online based one too, just to be safe. Any recommendations? I thought I'd go with TrendMicro Housecall.

Acquamarina 10-23-2008 01:44 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
I have more than one site on 2 servers and the other has not been compromised to my knowledge. Knock on wood!

Acquamarina 10-23-2008 01:50 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
tradedvdshop,

Do you have a back-up of include/search.php? I solved the blank page by uploading a back-up copy if you have your ftp working.

tradedvdshop 10-23-2008 01:56 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
YOU ARE A SAINT!!
That did the trick, thanks mate. Now I can go home and get some sleep!!

Drinks are on me!

Acquamarina 10-23-2008 01:59 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
Glad to be of help - have a great night!

Acquamarina 10-23-2008 02:27 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
Windows urgent update:

http://news.cnet.com/8301-1009_3-10074072-83.html

bigredseo 10-23-2008 06:16 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
Nice find Acquamarina. While I'm not one to normally share operating system information and what type of software or versions someone may be running, it might be an advantage in this case to provide details on what OS a user is running, what type of system was hacked, and what were the FTP versions, version of X-Cart, mods installed etc.

I don't know if that would HELP or HURT the situation though. We haven't seen any iframe attacks other than the one mentioned, and no ideas on how it was done other than a possible keylogger.

Other forums that I frequent are not reporting any new incidents of iFrame attacks either, so it sure seems limited to here on the X-Cart users from what I can tell.

bigredseo 10-23-2008 08:00 PM

Re: Warning: Iframe based attacks using stolen FTP access info
 
We just found another intrusion on one of our servers where only two users are hosted. The intrusion was done on October 22 23:45 - AFTER our scan of the servers had been completed :(

We're re-running scans of servers again - whoever this is, they haven't given up this injection yet. And it's not from Egypt either - it's from Arizona, Phoenix. Starts with 71.38.x.x

