Moderated by: FocalMedia Team, Miles, Gerrit, Rian
FocalMedia.Net Forums » PowerSeek »  Discussions, Suggestions & Tips, Tricks

Page: 1 of 1

« Back to Topic Index Page 3 | Replies: 1

 Author  Topic: powerseek hacked?
joli422

New Member
  

     		Post a Reply To This Topic    Reply With Quotes     Edit Message     View Profile of joli422  Posted on: Dec 27, 2007 - 3:58pm
My index file and every index file in every category were replaced with an iframe pointing to a site laden with viruses. This appears to only have affected my powerseek files. Can someone point me in the direction to a solution to this problem - I think my site was compromised via the powerseek software itself and am searching for a way to prevent this in the future. thanks for any and all ideas / solutions.
Total Posts: 1 | Joined: Dec 27, 2007 - 3:24pm | IP Logged

FocalMedia Team

Moderator
  

     		Post a Reply To This Topic    Reply With Quotes     Edit Message     View Profile of FocalMedia Team  Posted on: Dec 28, 2007 - 1:08am
In situations like these that I have seen in the past the hacked pages contains an IFRAME launcher script. You can read what this is here:
http://www.pcworld.com/printable/article/id,126508/printable.html

Also if you leave setup.cgi in the cgi-bin directory then this causes a security hole. It has to be deleted. The control panel warns about this after you logged in and instructs you to delete it.

Regenerate your HTML files and re-do the front page. That should solve the problem straight away.

For safety I would recommend you do the following:

- Upgrade PowerSeek to the latest version. This will overwrite all existing scripts. You can find upgrade instructions here:
http://www.focalmedia.net/pseekmanual/pseek1.html#1_4

- Change all hosting related passwords including the PowerSeek control panel's user name and password. The easiest way to change the PowerSeek control panel's password is to download a file called config.cgi inside the cgi-bin directory where the PowerSeek installation resides. Then edit it with a text editor like Textpad - http://www.textpad.com

Alternatively you can upload setup.cgi (from the installation archive) to the 'admin' directory where the PowerSeek 'admin' scripts reside. Then assign the permission setting of 755 to it and load it inside your browser to change the user name and password of the PowerSeek control panel.

Gerrit
Total Posts: 1453 | Joined: Jul 27, 2002 - 4:28am | IP Logged


Lock Topic

 

Forum Legend

New Member

Reply to topic

More than 50 posts | Member

Reply to topic with quoted message

More than 100 posts | Full Member

Edit Message

More than 150 posts | Advanced Member

View profile

More than 200 posts | Advanced Member

Email member