CMS site hacked - links hikacked [SOLVED]
Posted: Sun Jul 13, 2014 5:19 am
replaced index.php - problem solved extra code added to index.php which I didn't notice because I was reading my local copy of the file instead of downloading it from the server first. The hack was very crude. A div added to the end of the file containing about 10 links. The reason it appeared the home link was overwritten was because these links were at the top left of the screen although invisible.
I have a standard CMS install (1.11.1) on a windows 2003 server with php 5.2.9 and noticed that a couple of the menu links have been hijacked to send users to sales sites that have nothing to do with this one. Its an old site but the version of CMSMS has been updated
When you view the HTML page source the urls are correct.
Usually I can find these by looking for new script files on the server - there were a few (php and asp) which I removed but the hack remains
When you click the home link it diverts to another web site altogether
Ideally I'd like to fix it without re-uninstalling - Has anyone come across this before and if so what was the fix?
if this should be in another section of the forum please move it there
I have a standard CMS install (1.11.1) on a windows 2003 server with php 5.2.9 and noticed that a couple of the menu links have been hijacked to send users to sales sites that have nothing to do with this one. Its an old site but the version of CMSMS has been updated
When you view the HTML page source the urls are correct.
Usually I can find these by looking for new script files on the server - there were a few (php and asp) which I removed but the hack remains
When you click the home link it diverts to another web site altogether
Ideally I'd like to fix it without re-uninstalling - Has anyone come across this before and if so what was the fix?
if this should be in another section of the forum please move it there