| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | User manuals | Login |
Warning: Iframe based attacks using stolen FTP access info | ||||
|
|
Thread Tools |
#91
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
In fact that might be correct what ftp software is everyone who has been infected using, i am using filezilla? Paul
__________________
X-Cart version 4.1.3 Blank DVD Blank Cd Blank Media Dvd Case http://www.discworlduk.co.uk |
|||||||
#92
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Hi,
Right i have located the problem can anyone help i am getting the following error Call to undefined function func_generate_joins() in /home/discworld/public_html/include/search.php on line 673 So i have located the file and it says this $search_query .= func_generate_joins($joins); $search_query_count .= func_generate_joins($joins_count); $search_query .= " WHERE ".implode(" AND ", $where); $search_query_count .= " WHERE ".implode(" AND ", $where); if (!empty($groupbys)) { $search_query .= " GROUP BY ".implode(", ", $groupbys); $search_query_count .= " GROUP BY ".implode(", ", $groupbys); } if (!empty($having)) { $search_query .= " HAVING ".implode(" AND ", $having); $search_query_count .= " HAVING ".implode(" AND ", $having); } if (!empty($orderbys)) { $search_query .= " ORDER BY ".implode(", ", $orderbys); $search_query_count .= " ORDER BY ".implode(", ", $orderbys); } # Any ideas what i need to do to solve it?
__________________
X-Cart version 4.1.3 Blank DVD Blank Cd Blank Media Dvd Case http://www.discworlduk.co.uk |
|||||||
#93
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
I don't think it is targeting the ftp program. I will know better when the scan is over. It will take a little while as I am going to do an online based one too, just to be safe. Any recommendations? I thought I'd go with TrendMicro Housecall.
__________________
Vera B 4.4.5 CFLSystems.com mods, Kosmos eBay Integration, Feed Manager Pro, custom mods, BCSEngineering Mods, CDSEO PRO Hosting by EWDHosting - The best home for your x-cart. |
|||||||
#94
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
I have more than one site on 2 servers and the other has not been compromised to my knowledge. Knock on wood!
__________________
Vera B 4.4.5 CFLSystems.com mods, Kosmos eBay Integration, Feed Manager Pro, custom mods, BCSEngineering Mods, CDSEO PRO Hosting by EWDHosting - The best home for your x-cart. |
|||||||
#95
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
tradedvdshop,
Do you have a back-up of include/search.php? I solved the blank page by uploading a back-up copy if you have your ftp working.
__________________
Vera B 4.4.5 CFLSystems.com mods, Kosmos eBay Integration, Feed Manager Pro, custom mods, BCSEngineering Mods, CDSEO PRO Hosting by EWDHosting - The best home for your x-cart. |
|||||||
#96
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
YOU ARE A SAINT!!
That did the trick thanks mate now i can go home and get some sleep!! Drinks are on me!
__________________
X-Cart version 4.1.3 Blank DVD Blank Cd Blank Media Dvd Case http://www.discworlduk.co.uk |
|||||||
#97
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Glad to be of help - have a great night!
__________________
Vera B 4.4.5 CFLSystems.com mods, Kosmos eBay Integration, Feed Manager Pro, custom mods, BCSEngineering Mods, CDSEO PRO Hosting by EWDHosting - The best home for your x-cart. |
|||||||
#98
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
__________________
Vera B 4.4.5 CFLSystems.com mods, Kosmos eBay Integration, Feed Manager Pro, custom mods, BCSEngineering Mods, CDSEO PRO Hosting by EWDHosting - The best home for your x-cart. |
|||||||
#99
|
|||||||||
|
|||||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Nice find Acquamarina. While I'm not one to normally share operating system information and what type of software or versions someone may be running, it might be an advantage in this case to provide details on what OS a user is running, what type of system was hacked, and what were the FTP versions, version of X-Cart, mods installed etc.
I don't know if that would HELP or HURT the situation though. We haven't seen any iframe attacks other than the one mentioned, and no ideas on how it was done other than a possible keylogger. Other forums that I frequent are not reporting any new incidents of iFrame attacks either, so it sure seems limited to here on the X-Cart users from what I can tell.
__________________
Conor Treacy - Big Red SEO - @bigredseo Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding! If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet. Omaha SEO Office with National & Local SEO Services Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance |
|||||||||
#100
|
|||||||||
|
|||||||||
Re: Warning: Iframe based attacks using stolen FTP access info
We just found another intrusion on one of our servers where only two users are hosted. The intrusion was done on October 22 23:45 - AFTER our scan of the servers had been completed
We're re-running scans of servers again - whoever this is, they haven't given up this injection yet. And it's not from Egypt either - it's from Arizona, Phoenix. Starts with 71.38.x.x
__________________
Conor Treacy - Big Red SEO - @bigredseo Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding! If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet. Omaha SEO Office with National & Local SEO Services Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance |
|||||||||
|
|||
X-Cart forums © 2001-2020
|