Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 05 Oct 2013, 14:06
naveed.lodhi naveed.lodhi is offline
 
Join Date: Apr 2013
Real name: Naveed A. Lodhi
Angry Can't Remove an iFrame

I don't know what happened, but I think some hacker has put some iFrame on top of my website.

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I tried to search it from phpmyadmin, found some files, change and removed the code, but still its there. I have checked the templates but I can't find it there. What should I do?

You can check my website: http://www.yopakistan.com/forum.php and view its source and see the top most line.
__________________
Life is very short, so do things quickly but in a right way...
A Simple Web Developer | YOUTH OF PAKISTAN FORUM
Reply With Quote
  #2  
Old 05 Oct 2013, 14:13
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Real name: Chris
Sorry to hear about your troubles.

First you need to follow our advisory about deleting the install folder off your forums.

Then please read the following two blog posts:
http://www.vbulletin.com/forum/blogs...ve-been-hacked

http://www.vbulletin.com/forum/blogs...vbulletin-site

Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
Reply With Quote
  #3  
Old 05 Oct 2013, 15:09
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Real name: Sven
Given the location of the iframe at the very top of the page, before the html output, I would look for the malicious code inside the php files, not the templates or plugins.
__________________
Please note that there will be no further updates to my addons, especially they will not be upgraded for vB5. I'm leaving vB, since IB choose to go the banana-way yet again.

http://www.roma-antiqua.de
Reply With Quote
  #4  
Old 05 Oct 2013, 16:11
naveed.lodhi naveed.lodhi is offline
 
Join Date: Apr 2013
Real name: Naveed A. Lodhi
when I open the domain like yopakistan.com it also gives me error:

Unable to add cookies, header already sent.
File: /home/yopancom/public_html/index.php
Line: 42
__________________
Life is very short, so do things quickly but in a right way...
A Simple Web Developer | YOUTH OF PAKISTAN FORUM
Reply With Quote
  #5  
Old 05 Oct 2013, 16:15
fxdigi-cash fxdigi-cash is offline
 
Join Date: Jul 2012
or search for iframe in your templates if nothing found
__________________
Shoot me a PM if I didn't reply in your post when you needed help. I can't remember things easily
Reply With Quote
  #6  
Old 05 Oct 2013, 16:35
naveed.lodhi naveed.lodhi is offline
 
Join Date: Apr 2013
Real name: Naveed A. Lodhi
@Cellarious: I found the issue in the Index.php file.


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I will re-install the forum so that there should be a clean installation. I wonder this will clear the Header Already Sent error as well.
Thank you so much for helping
__________________
Life is very short, so do things quickly but in a right way...
A Simple Web Developer | YOUTH OF PAKISTAN FORUM
Reply With Quote
  #7  
Old 05 Oct 2013, 19:25
fxdigi-cash fxdigi-cash is offline
 
Join Date: Jul 2012
I see that the issue you were suffering has gone!!!

great to know
__________________
Shoot me a PM if I didn't reply in your post when you needed help. I can't remember things easily
Reply With Quote
  #8  
Old 05 Oct 2013, 19:31
nerbert nerbert is offline
 
Join Date: May 2008
Originally Posted by naveed.lodhi View Post
I wonder this will clear the Header Already Sent error as well.
Yes it should. I would be curious to know if you see any trace of this in the admincp logs. Normally to modify a file you would have to go through your server but you could do it with a temporary plugin using filesystem functions.
Reply With Quote
Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Add iframe Rickie3 vBulletin 3.5 Template Modifications 46 12 Oct 2013 18:58



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 05:27.

Layout Options | Width: Wide Color: