1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

define.inc.php, settings.class.php injected in images folder

Discussion in 'PHP' started by Alfie, Feb 25, 2013.

0
  1. #1
    Hi All,
    I was wondering what happened, when i look into my images, javascript folders etc.. i see define.inc.php, settings.class.php, news2.class.php, article5.class.php files somehow injected automatically. I have google'd it and couldn't find any solution for this. Kindly help me to resolve this issue.
     
    Alfie, Feb 25, 2013 IP
  2. sarahk

    sarahk iTamer Staff

    Messages:
    28,500
    Likes Received:
    4,460
    Best Answers:
    123
    Trophy Points:
    665
    #2
    If the files aren't part of your CMS then the first thing to do is either move them or delete them.

    Then you need to use your FTP tool to change the permissions on those folders to 666.

    If the permissions were ok then you need to find the unsecure file in your install that gave the hackers access.

    What CMS are you using?
     
    sarahk, Feb 25, 2013 IP
  3. cballou

    cballou Member

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    41
    #3
    It sounds like you have an upload script somewhere on your site that's prone to malicious attacks. First, follow sarahk's suggestions to tighten up the directory permissions of your upload folder. Next, you need to track down your uploader code and perform the following:

    1. Do a file extension check on the file the user is attempting to upload. Make sure it ends in a valid file extension (array('gif', 'png', 'jpg', 'jpeg')).
    2. If you really want to be cautious, perform a file metadata lookup to try and determine the MIME type of the file using the Fileinfo PHP extension http://www.php.net/manual/en/ref.fileinfo.php
    3. When you upload the images, make sure you set their permissions to non-executable: i.e. 0644
     
    cballou, Mar 5, 2013 IP
  4. EricBruggema

    EricBruggema Well-Known Member

    Messages:
    1,740
    Likes Received:
    28
    Best Answers:
    13
    Trophy Points:
    175
    #4
    and use getimagesize() from PHP
     
    EricBruggema, Mar 8, 2013 IP
  5. gree124

    gree124 Well-Known Member

    Messages:
    720
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    128
    #5
    i also facing above problem my forum whereas my site works but forum page show error and my memory load is also high
     
    gree124, Mar 13, 2013 IP
  6. Rukbat

    Rukbat Well-Known Member

    Messages:
    2,908
    Likes Received:
    37
    Best Answers:
    51
    Trophy Points:
    125
    #6
    From your description it could be dozens of things. If we saw the complete error message we might be able to make a guess.
     
    Rukbat, Mar 15, 2013 IP