Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum
https://www.tinywebgallery.com/forum/

Our site Hacked by Hacked By CWCihaN Powered By CyberShell =
https://www.tinywebgallery.com/forum/viewtopic.php?f=5&t=2181
Page 1 of 1

Author:  hsvdiane [ 2. Oct 2009, 19:44 ]
Post subject:  Our site Hacked by Hacked By CWCihaN Powered By CyberShell =

HELP!!! Our site was hacked by Hacked By CWCihaN Powered By CyberShell =)

They uploaded files to the Joomla Uploader and hacked the whole site!! What do I do?????

Author:  TinyWebGallery [ 2. Oct 2009, 20:34 ]
Post subject: 

What file extensions do you allow to upload?
And how do you know that the attack was done this way?

- Michael

Author:  TinyWebGallery [ 2. Oct 2009, 20:55 ]
Post subject: 

and what do you mean with "they uploaded files to" ?

Did they upload file to the JFU directory itself? and executed something there? So did they only try to hide their file in the JFU folder?

Do you have any more details?

- Michael

Author:  TinyWebGallery [ 2. Oct 2009, 21:19 ]
Post subject: 

or have you made a copy of the administrator profile and made it available in the frontend - because this gives full access for everyone.

- Michael

Author:  hsvdiane [ 3. Oct 2009, 01:15 ]
Post subject:  Hacked

I set it up so that .jpg., jpeg, .gif and ping file can be uploaded.

No, everyone cannot get in into administration. I set up two uploads, one for the owner of the site and one for their clients.

When they uploaded, it went to my my upload file in media files.

The site went down before I could get the file name. But, of was similar to this:

something.php.jpg

They uploaded seven files to the area where customer file go.

It took the whole site down. What do I do? If I go to the ftp of my server and erase everything and then upload and reload joomla and your program?

Author:  TinyWebGallery [ 3. Oct 2009, 01:34 ]
Post subject: 

have you allowed that they rename files? because a .jpg file cannot be executed!

and if then you have to check your server - this should not be possible! you first have to make sure that this is possible.

After that you can reload joomla and JFU.

If you don't know the settings anymore they should still be in the database.

- Michael

Author:  hsvdiane [ 3. Oct 2009, 03:35 ]
Post subject:  Hacked

Here is the website where this happened. http://www.villagelandscapear.com
Yes, there is a place where they rename the files. Come to think of it after some of the files were uploaded, and I received another .jpg files when I went back to look at the files again almost all the files were gone. So they must have renamed them and done something with them. I am going to clean out my whole site. The I am going to reupload everything again. Will get back with you.

Page 1 of 1 All times are UTC + 1 hour [ DST ]
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/