security- my dolphin site has been taken over

Hi, I have a Dolphin site http://noozradio.com, version 7.3.2, which appears to be taken over. When I open it, it loads then forwards to a hack site stating

"Owned by ez4kn

Your security have broken down !"

 

All links/pages on the site are compromised. I can, however, get into the admin area only.

Has anyone got any ideas where I should look to get back my site?

Cheers, Mike

Quote · 25 Jan 2017

Noticed that 94 Dolphin sites have been taken over/hacked today by ez4kn when I did a simple search

https://www.google.com.au/search?q=ez4kn+hack&ie=&oe=#q=ez4kn+hack&filter=0

 

I attached the page that loads when I open my site

ez4kn.jpg · 373.1K · 691 views
Quote · 25 Jan 2017

Let me know if you need your site back up...

If you can get into admin panel - go to settings - basic settings -  and remove the code from the splash box.

Should be at the bottom 1 or 2 lines of code after the last 2 or 3 </div> tags

If you can't get into admin panel then look in the sys_options table in the database for ez4kn 

https://dolphin-techs.com - Skype: Dolphin Techs
Quote · 25 Jan 2017

as dolphin jay said....

also check your .htaccess file and index.php

 

let me know if you need some help

cheers and good luck-

Quote · 25 Jan 2017

Many thanks!!! Found the snippet in the splash box and now it's back working :)

Let me know if you need your site back up...

If you can get into admin panel - go to settings - basic settings -  and remove the code from the splash box.

Should be at the bottom 1 or 2 lines of code after the last 2 or 3 </div> tags

If you can't get into admin panel then look in the sys_options table in the database for ez4kn 

 

Quote · 25 Jan 2017

You're welcome.

https://dolphin-techs.com - Skype: Dolphin Techs
Quote · 25 Jan 2017

Do we know where the exploit is? Is it fixed in 7.3.3?

Quote · 26 Jan 2017

My site was taken over by this exact same thing.

I found it also in the splash area of the basic settings menu

 

How did they get it in there!

All for one and one for all....ah sod it who am i kidding!
Quote · 27 Jan 2017

 

My site was taken over by this exact same thing.

I found it also in the splash area of the basic settings menu

 

How did they get it in there!

Knowing the exploit is important as to prevent future hacks. Was this a brute force hack of the admin account? I don't like Boonex's idea of the admin account being a regular account and especially when the admin account is created as number one on installation. So I start a brute attack against ID 1 on a Dolphin site knowing that if I can gain control of that account I get admin access to the site. It is a hole in Dolphin that needs to be closed. Of course one thing you can do is to move the admin account from ID 1 and I suggest all Dolphin admins to do so.

Geeks, making the world a better place
Quote · 28 Jan 2017

If the site was on 7.3.2 or lower and wasn't patched, it was probably this: https://www.boonex.com/forums/topic/Dolphin-7-3-3-Manual-Security-Fix.htm 

 

That'd allow full access to files - and with a little extra effort - the database also. I'd check for any modified files within the last month or so. It's also possible if there was a weak password set on the admin account, it could have been that also.

 

Best way to keep this from happening again is to always be on the latest version or at least up-to-date on security fixes, have strong passwords for accounts (as well as cPanel/FTP), and to also make sure there is no malware on the computer that logs into the site or FTP.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 28 Jan 2017
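As an added example (not part of any post in this thread, and not BoonEx code), a triage script for the file-side checks suggested above: files changed in the last month, `.htaccess` and `index.php`, plus a search for the defacement string. The `triage` and `demo` names, the 5 MiB read limit and the sample files are assumptions constructed for illustration.

```python
import os, stat, tempfile, time

MARKER = b"ez4kn"                      # string shown on the defaced pages in this thread
PRIORITY = {".htaccess", "index.php"}  # files one reply says to check
MAX_SCAN = 5 * 1024 * 1024             # assumption: scan only the first 5 MiB of a file

def triage(webroot, days=30, now=None):
    """Return [(relative_path, reasons)]; reasons: 'marker', 'recent', 'priority'."""
    cutoff = (time.time() if now is None else now) - days * 86400
    findings = []
    for dirpath, _dirs, names in os.walk(webroot):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode):
                    continue           # ignore symlinks, sockets, devices
                with open(path, "rb") as fh:
                    hit = MARKER in fh.read(MAX_SCAN).lower()
            except OSError:
                continue               # unreadable file: skip it
            reasons = ["marker"] if hit else []
            if st.st_mtime >= cutoff:
                reasons.append("recent")
            if reasons and name in PRIORITY:
                reasons.append("priority")
            if reasons:
                findings.append((os.path.relpath(path, webroot), reasons))
    return sorted(findings, key=lambda f: (-len(f[1]), f[0]))

def demo():
    """Triage a constructed sample web root (not real site data)."""
    old = time.time() - 200 * 86400    # mtime 200 days in the past
    samples = {                        # path: (content, aged?)
        "index.php": (b"<?php // front controller\n", True),
        ".htaccess": (b"RewriteEngine On\n", False),
        "tmp/page.html": (b"<div></div><!-- Owned by EZ4KN -->\n", True),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, (data, aged) in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
            if aged:
                os.utime(path, (old, old))
        return triage(root)

if __name__ == "__main__": print(demo())
```

Modification times can be reset by whoever changed a file, so a marker hit on an old file (as in the sample) still counts. The splash-box code lives in the database, so this complements the `sys_options` check rather than replacing it.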

Just about every day I get an error in my logs about the 7.3.3 line 187. I forget the exact error because they have been cleared out at the moment, but it's something like error in admin.inc.php line 187 string expected but array given, or something along those lines. So, hopefully it is working and fixed right.

I also set a deny from all in .htaccess to the administration folder and just temporarily comment it out when I want to log in to the administration. But, because I do this I get error logs when someone or thing tries to access files in the administration folder. Several times per day someone tries something on /administration/modules.php file. Not sure what is in that file right off hand, but someone likes that file. Unless there is another front side part of dolphin that requires the file and it is getting denied.

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 28 Jan 2017

Both of our websites are hacked. We cannot access the Admin Panel and we do not have any knowledge of how to access a sys_options table in the database for ez4kn. Can someone please assist us? Or please provide a little more detailed instructions.


Thanks in advance.


Quote · 19 Mar 2017

Do you know how to access the Admin Panel?

http://mysite.com/administration

Then enter your admin user name and password.

If you don't know how to access the database, it's probably best you don't try. It's easy to screw things up. 

Someone will offer to help eventually, so just hang in there.

 

Quote · 19 Mar 2017

I can help, it will be Monday before I could look at it.

Geeks, making the world a better place
Quote · 19 Mar 2017

 

I can help, it will be Monday before I could look at it.

 Great! Please message us to discuss!

Quote · 23 Mar 2017
 
 