Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Code Igniter PHP injection vulnerabilities ?
Code Igniter PHP injection vulnerabilities ?
  • El Forum
    Guest
  •  
#1
09-09-2013, 02:47 AM

[eluser]Unknown[/eluser]
Hello,

I have done a simple CodeIgniter site and it keep being hacked. Someone is deleting and/or replacing my index.php

Do you think this vulnerability is caused by a hole in my PHP or simply because of my server configuration ?
(I do not have any input forms on my site therefore the attacker can only make use of an URL/URI attack)

I have my application and system folders on the root of my site since I do not have FTP access above (my hosting service doesn't allow it), but as the CI manual recommends I changed their names.

Is the recent CodeIgniter known to be still vulnerable to some of the following ?
http://exploitsdownload.com/search/codeigniter/

I don't know what to do. Does anybody have any idea in which direction should I be looking to solve this issue ???

I also have an .htacces, could that be the cause ?

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /


#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^my_system_encrypted_name.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

#When your application folder isn't in the system folder
#This snippet prevents user access to the application folder
#Rename 'application' to your applications folder name.
RewriteCond %{REQUEST_URI} ^my_application_encrypted_name.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]

</IfModule>

<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin

ErrorDocument 404 /index.php
</IfModule>

<IfModule mod_deflate.c>
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>

  • El Forum
    Guest
  •  
#2
09-09-2013, 02:50 AM

[eluser]Unknown[/eluser]
I think I am going to render all of my pages to simple plain HTML and see if the attack still occurs so that I can eliminate the hypothesis that there is something wrong with my PHP.




Theme © iAndrew 2016 - Forum software by © MyBB