0

Good evening everyone. I have a php based site which was designed a few years ago. I have done very little with the site since I purchased it because I was not very familiar with PHP. Well I still am not very familiar with PHP, but I am more familiar with Web design and several programming languages which makes it much easier for me to understand what is going on with many of the pages of the site. Anyhow, about a year or two ago, the site was hacked. There is all fictitious information on the site (users, information, etc...) and since I did not do anything with the site, I did not ever do anything. However, now I am looking to play around with the site and possibly do something with it, but I cannot get anything to function properly due to the site being hacked. I have went into many of the pages of code and cannot see anything which sticks out. I have no idea how the site was hacked, what to do to get the site to function properly, or how to patch the problematic area(s) of the site from being hacked again. For most of the day today I have been reading up on SQL injection attacks and cross-site scripting attacks as I am assuming at least one of these was what was used. While, I have learned a lot about both, I am still fairly clueless as to where to go from here. If anyone could help out I would greatly appreciate it.

Here is a link to the site: www.owlanswer.com

Here is a message which was forced onto one of the pages of the site: Hacked by ehsan! IRANIAN THE BEST HACKERS IN THE WORLD! www.only4dl.Tk E-mail:Ehsan_Hp200

Here is the error message I get when I click on the page in question from the home page of the site: A potentially dangerous Request.QueryString value was detected from the client (404;http://parsaspace.com:80/ehsan/hacked by eh</td><td align="'center'><a href='category.ph

The intended page comes up for a few seconds and then is redirected to the address above. This error is only present when accessing the site from Firefox (i have the latest version installed), but not IE (again the latest version installed). I have not tried any other browsers at this time.

Does anyone have any tips, help or assistance they can provide me in this matter? Any ideas on where I can start. I have read a lot about mysql-real-escape-string, but I can't figure out how or where I would need to place this within the site. Thanks in advance and I look forward to talking with someone soon.

Ps: If it matters, I have downloaded the free version of Acunetix Web Vulnerability Scanner and it has found 56 possibly high level vulnerabilities to Cross Site Scripting (XSS) attacks. I am not really too sure how to use the software to further investigate these vulnerabilities any further, or if they are valid vulnerabilities.

Edited by jobojo: n/a

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by JRM
0

Sorry to say, but it sounds like you need a MAJOR re-write.
Maybe the simplest thing to do is to use a open source CMS like Joomla or Drupal to put your content on. They have most of the security stuff worked out already. There is just too much to it all to explain here...

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.