Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum

Get help for TinyWebGallery, the best image gallery. The forum is also home for the Joomla JFUploader, TWG Flash Uploader and the Wordpress flash uploader.
It is currently 28. Mar 2024, 18:59

This forum is readonly now. Please use the new forum if you don't find the answer to your question here. The new forum is at https://www.tinywebgallery.com/blog/forum/


All times are UTC + 1 hour [ DST ]




Post new topic Reply to topic  [ 10 posts ] 
Author Message
 Post subject: Critical Code ?
PostPosted: 17. Oct 2016, 15:36 
Offline

Joined: 1. Aug 2011, 17:33
Posts: 17
Hello,

what is this code in the tfu_zip.class.php good for? This code is in the last line of the original file.

My hoster says, this code is critical and he locked my domain.
$_F=__FILE__;$_X='Pz48P3BocCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBmM25jdDQybiA0c19yNW4xbTUxYmw1KCl7IGdsMmIxbCAkc247IDJiX3N0MXJ0KCk7ICRmID0gZDRybjFtNShfX0ZJTEVfXykgLiAnLycuICd0dycgLiAnZy4nIC4gJ2wnIC4gJzRjJyAuICcucCcgLiAnaHAnOzRmIChmNGw1XzV4NHN0cygkZikpezRuY2wzZDUgJGY7NGYgKDRzczV0KCRzbikpeyRwMnMgPSBzdHJwMnMgKHQoJGQsJHNuKSwgJHNuKTs0ZiAoJHAycyA9PT0gZjFsczUpeyA0ZiAoJHNuICE9ICdsMmMxbGgyc3QnICYmICRkICE9ICRsICl7MmJfNW5kX2NsNTFuKCk7IHI1dDNybiAncyc7fX19JG0gPSBtZGkoc3RyX3IydDZvKCRsIC4gJyAnIC4gJGQpKTs0ZiAoKCdUVycgLiAnRycgLiAkbSAuIHN0cl9yMnQ2bygkbSkpID09ICRzICYmICRsICE9ICgnZicuJzMnLidsJy4nbCcpICYmICRsICE9ICgndGYnLiczXycuJ2I1Jy4ndDEnKSAmJiAkbCAhPSAoJ2InLic1Jy4ndCcuJzEnKSl7MmJfNW5kX2NsNTFuKCk7cjV0M3JuICdURicgLiAnVScgLiBzM2JzdHIoc3RyX3IydDZvKCRtKSwwLDZpKSAuICRtO301bHM1ezJiXzVuZF9jbDUxbigpO3I1dDNybiAndyc7fX0gMmJfNW5kX2NsNTFuKCk7cjV0M3JuICcnOyB9DQo/Pg==';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));

Thanks für info.


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 17. Oct 2016, 16:00 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
Than you got hacked!!!
The last line in the original file is:

function nhash($d) {return strlen(session_id()) . $d;}
?>

Please download JFU again an replace this file. But you should check your whole webspace for modified files!

Best, Michael


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 17. Oct 2016, 17:19 
Offline

Joined: 1. Aug 2011, 17:33
Posts: 17
That can not be.
This last line is in the original file, which I have downloaded after purchase in Feb.2011 !!!!!

Moreover, if I download the uploader again, extract the file and upload the file, then my enterprise license is no longer running.


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 17. Oct 2016, 19:06 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
2011 this was maybe the code to check the license. But meanwhile this has been solved differently.

you need to upgrade the whole uploader as the whole check is now done completely different.
you license is of course still valid.

Best, Michael


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 17. Oct 2016, 19:44 
Offline

Joined: 1. Aug 2011, 17:33
Posts: 17
Ok,
but with the new uploader 3.1_J15 the upload-window in the backend does not appear, in the frontend it works.


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 17. Oct 2016, 21:12 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
You still use Joomla 1.5?


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 27. Oct 2016, 20:07 
Offline

Joined: 1. Aug 2011, 17:33
Posts: 17
There are still pages running with 1.5


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 28. Oct 2016, 10:10 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
But there is a version for 1.5 which works still fine for me for the latest 1.5 version.
So do you get any errors in the backend? e.g. in the Javascript console?

Best, Michael


Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 31. Oct 2016, 19:41 
Offline

Joined: 1. Aug 2011, 17:33
Posts: 17
There is no error in the backend, but the upload-windows doesn't appear.


Attachments:
jfu-pic.jpg
jfu-pic.jpg [ 53.48 KiB | Viewed 7597 times ]
Top
 Profile  
 
 Post subject: Re: Critical Code ?
PostPosted: 31. Oct 2016, 22:57 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
Is there a javascript error?

Best, Michael


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 10 posts ] 

All times are UTC + 1 hour [ DST ]


Who is online

Users browsing this forum: No registered users and 13 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
powered by phpbb | Datenschutz/ Privacy policy