• xomero
  • Junior Member
  • Offline
  • Registered: 2007-04-26
  • Posts: 6

Topic: Hacked site, help please

I read that this can be a PUNBB problem on my hosting, I have several domains in one account within my hosting provider (bluehost), I have installed punbb (today i upgrade to 1.2.19) in "sanmiguelenses.com/foro", i got another domain "ensanmiguel.com", if i type directly in the address bar in firefox i get my page fine. But when i go to google, and make a search for: "site:Ensanmiguel.com" i get my site listed well but when i click on the links to my site, I get a different page, a blog in blogger that redirects to a page to AdultFriendF

As i said, i read that this can be a bug on my punbb instalation, is this true?

can some body help me on this?

  • Utchin
  • PunBB senior member
  • Offline
  • Registered: 2007-02-09
  • Posts: 760

Re: Hacked site, help please

they take me to the same site

http://www.google.co.uk/search?q=site%3 … GB275GB275

paste the google link you get antoher site on

Sorry. Unactive due to personal life.
  • sirena
  • sirena
  • Senior Member
  • Offline
  • Registered: 2006-04-06
  • Posts: 473

Re: Hacked site, help please

I get a 500 error when I visit www.ensanmiguel.com:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@portal.atsanmiguel.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
--------------------------------------------------------------------------------
Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8g DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.ensanmiguel.com Port 80

I doubt the problem here BTW is PunBB related. Your site may have been compromised at a deeper level.

I mean the server you are on hosts *hundreds* of other sites and a lot of badness can creep into such a server, from all sorts of directions.

  • xomero
  • Junior Member
  • Offline
  • Registered: 2007-04-26
  • Posts: 6

Re: Hacked site, help please

UPDATE:

I found the problem, but not the source of the problem.

The problem was that my page was hijacked with a query string injection, they rewrite my htaccess file with the redirection to a some kind of blog with other porn links.

This hack is very known on the net and in some forums people says that is a problem with a md5 and a query-injetion, probably with a wordpress or punbb bug, i don't know where the problem is exactly, and now I have to search on my entire site to found some other modified files.

  • sirena
  • sirena
  • Senior Member
  • Offline
  • Registered: 2006-04-06
  • Posts: 473

Re: Hacked site, help please

Interesting! Thanks for the update. It's useful to know exactly how these things happen.

Pls let us know if you find out the [SQL?] injection came via PunBB, or via another app.

6 Reply by MattF

  • MattF
  • Senior Member
  • Offline
  • From: South Yorkshire, England
  • Registered: 2007-03-15
  • Posts: 1,956

Re: Hacked site, help please

What version were you running before the update? Btw, the entry point could have been with any piece of software you have installed.

MattF's Website

  • From: Russia
  • Registered: 2007-12-13
  • Posts: 642

Re: Hacked site, help please

MattF wrote:

Btw, the entry point could have been with any piece of software you have installed.

Agree.

xomero, report us any results of your investigations, please.

Carpe diem

Anatoly's Website