Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Hakovan joomla sajt sa nekim dump.php i object.php

[es] :: Web aplikacije :: Hakovan joomla sajt sa nekim dump.php i object.php

[ Pregleda: 2056 | Odgovora: 1 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

rdragan79
Dragan R
Novi Sad

Član broj: 12785
Poruke: 582
*.dynamic.sbb.rs.



+7 Profil

icon Hakovan joomla sajt sa nekim dump.php i object.php14.03.2016. u 16:49 - pre 52 meseci
Pozdrav,

Imam problem sa sajtom u joomla 3.4.8 koji sam se trudio da redovno azuriram.

Injectovan je neki dump.php sa nekim kodom ...base64_decode... dobijena je suspenzija, za sada sam ceo sajt sklonio sa hostinga dok ne pokusam da resim problem.



U ranijim bekapima sajta npr. 02.03.2016. i raniji taj dump.php fajl ne postoji

Nazalost nemam pri sebi taj dump.php, ali se navodi

"Prilikom redovnog monitoringa cPanel hosting platforme, utvrdjeno je da se u prostoru predvidjenom za web prezentacije u okviru Vaseg naloga nalaze potencijalno opasni fajlovi:
.../templates/blue-point/php/dump.php"

{HEX}php.base64.v23au.185 : .../administrator/components/com_contenthistory/views/object.php

Ovo je deo izvoda iza raw-access-a

173.201.196.31 - - [13/Mar/2016:05:57:27 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 200 69 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
201.163.239.130 - - [13/Mar/2016:06:18:07 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 200 69 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
184.168.200.207 - - [13/Mar/2016:06:23:04 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 200 69 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
173.254.28.117 - - [13/Mar/2016:06:27:50 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 200 69 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"
64.21.112.200 - - [13/Mar/2016:06:30:36 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 200 69 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"

itd.

Da li neko ima rešenje za ovo?


[Ovu poruku je menjao rdragan79 dana 14.03.2016. u 19:12 GMT+1]

[Ovu poruku je menjao rdragan79 dana 14.03.2016. u 19:17 GMT+1]
 
Odgovor na temu

rdragan79
Dragan R
Novi Sad

Član broj: 12785
Poruke: 582
*.dynamic.sbb.rs.



+7 Profil

icon Re: Hakovan joomla sajt sa nekim dump.php14.03.2016. u 17:05 - pre 52 meseci
207.241.229.26 - - [14/Mar/2016:10:29:47 +0100] "GET /robots.txt HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; archive.org_bot; Wayback Machine Live Record; +[url=http://archive.org/details/archive.org_bot)]http://archive.org/details/archive.org_bot)[/url]"
207.241.229.26 - - [14/Mar/2016:10:29:48 +0100] "GET / HTTP/1.1" 200 1130 "-" "Mozilla/5.0 (compatible; archive.org_bot; Wayback Machine Live Record; +[url=http://archive.org/details/archive.org_bot)]http://archive.org/details/archive.org_bot)[/url]"
207.241.225.244 - - [14/Mar/2016:10:29:57 +0100] "GET /robots.txt HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; archive.org_bot; Wayback Machine Live Record; +[url=http://archive.org/details/archive.org_bot)]http://archive.org/details/archive.org_bot)[/url]"

50.62.208.193 - - [14/Mar/2016:10:40:28 +0100] "POST /modules/mod_wrapper/tmpl/include18.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
182.50.151.69 - - [14/Mar/2016:10:40:31 +0100] "POST /libraries/joomla/facebook/object.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
123.30.187.58 - - [14/Mar/2016:10:40:42 +0100] "POST /modules/mod_tags_popular/tmpl/cloud.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
182.50.132.79 - - [14/Mar/2016:10:40:46 +0100] "POST /templates/blue-point/index.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
198.57.247.248 - - [14/Mar/2016:10:40:47 +0100] "POST /libraries/simplepie/proxy72.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
46.252.205.137 - - [14/Mar/2016:12:01:26 +0100] "POST /templates/blue-point/php/dump.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
97.74.215.118 - - [14/Mar/2016:12:03:25 +0100] "POST /libraries/joomla/facebook/object.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
97.74.144.144 - - [14/Mar/2016:12:04:14 +0100] "POST /modules/mod_tags_popular/tmpl/cloud.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
198.57.247.201 - - [14/Mar/2016:12:05:48 +0100] "POST /modules/mod_related_items/tmpl/file.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
97.74.144.142 - - [14/Mar/2016:12:07:19 +0100] "POST /templates/blue-point/index.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
72.167.190.168 - - [14/Mar/2016:12:08:33 +0100] "POST /libraries/simplepie/proxy72.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
195.62.53.251 - - [14/Mar/2016:12:10:05 +0100] "POST /modules/mod_wrapper/tmpl/include18.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"


ovo 404 znam šta je, vidim da i dalje traju. Nije mi jasno sta je ovo gore Wayback Machine Live Record
 
Odgovor na temu

[es] :: Web aplikacije :: Hakovan joomla sajt sa nekim dump.php i object.php

[ Pregleda: 2056 | Odgovora: 1 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.