ExpressionEngine CMS

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.


Site Hack

December 15, 2008 1:10pm

  • #1 / Dec 15, 2008 1:10pm

    studioamk

    18 posts

    One of my clients got hacked as well…
    I believe it came from the file upload feature…
    I will illustrate more for you after my findings…
    For now, please disable all public uploading features…

    Updated:

    I could upload the txt files (or php or js), if I changed the extension.

  • #2 / Dec 15, 2008 1:15pm

    Greg Aker

    6022 posts

    StudioAMK,

    I am splitting this off into its own thread so we can concentrate on your specific case.

    As Lisa said above, we take security very seriously and will do our best to work with you on figuring out what’s going on. To that end, we need some additional information from you…

    1. EE version and build (found at the bottom of your control panel)
    2. Other scripts on your account, whether in use or not (phpBB, etc…)*

    * If this is a shared hosting environment, the host can make a determination if the attack came through scripts on another account on the server, which is commonly the case with these types of hacks.

    Please check through these files:

    * path.php
    * config.php
    * index.php

    to ensure that there is no unusual code such as iFrames or JavaScript includes; if you do find that code, then please back up the file and remove said code. If you are unsure of what does or doesn’t belong in these files, do not hesitate to ask.

    I would recommend that you also refresh your files by following the build update instructions.

    It seems that you tried to attach something to the forum, but it did not go through.  If this is an offending file, please email it to me at .(JavaScript must be enabled to view this email address)

    Thank you,

    -greg
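
The file check described in the post above, as an added example that is not part of the original thread or ExpressionEngine's own code: it scans path.php, config.php and index.php for iframe and script tags and reports the file and line number of each hit. The function names and the sample files are constructed for illustration, and the example assumes those three files normally contain no such markup.

```python
import re
import tempfile
from pathlib import Path

# Files named in the post above, and the two kinds of unusual code it mentions.
FILES_TO_CHECK = ("path.php", "config.php", "index.php")
PATTERNS = (
    ("iframe", re.compile(r"<\s*iframe\b", re.IGNORECASE)),
    ("script tag", re.compile(r"<\s*script\b", re.IGNORECASE)),
)


def scan_file(path):
    """Return (file name, line number, label, snippet) for every match in one file."""
    findings = []
    text = path.read_text(encoding="utf-8", errors="replace")
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern in PATTERNS:
            if pattern.search(line):
                findings.append((path.name, lineno, label, line.strip()[:120]))
    return findings


def scan_site(root):
    """Scan the files to check under root; absent files are returned separately."""
    findings, missing = [], []
    for name in FILES_TO_CHECK:
        path = Path(root) / name
        if path.is_file():
            findings.extend(scan_file(path))
        else:
            missing.append(name)
    return findings, missing


def demo():
    """Run the scan over constructed sample files (not taken from any real site)."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "config.php").write_text("<?php\n$setting = 'value';\n?>\n")
        Path(root, "index.php").write_text(
            "<?php\nrequire 'path.php';\n?>\n"
            '<IFRAME src="http://example.invalid/x" width="0" height="0"></iframe>\n'
        )
        return scan_site(root)


if __name__ == "__main__":
    print(demo())
```

A hit is a prompt to open the file and compare it against a clean copy from the release package, since a match alone does not say whether the markup belongs there.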
