Jump to content

Recommended Posts

Posted

hello

 

it is the second time today, the review adserver 3.2.1 was hacked. In some files where crypted javascript code included. It was found, because of the server error after login

Parse error: syntax error, unexpected T_STRING in xxxx/public_html/pre-check.php on line 114

also scripts like www/delivery/ac.php or afr.php where modified etc.

 

I can send you a copy of modified pre-check.php.

review adserver is now running, because I override it with the original files. but it will take a time, to get hacked again.

 

Is the problem known ?

Posted

In many cases, what you call "hacked", turned out to be a case where someone managed to get their hands on the password of an administrator user. I've seen cases where they then created an extra admin user and have come back months or even years later to compromise the system. Have you checked the users table to look for anything unusual there?

Posted

Yes i did it twice this month. I have a crypted long password etc. This looks like an exploid, which add javascript codes after <BODY> tags in all Scripts of REVIEW Adserver. DB seems to be OK

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...