Site hacked
Rishi
I have found just this issue related to 3.5.0.3 in web :
http://www.securityfocus.com/bid/27211
As I know you are a Docebo translator . So you can discuss about it in
google group to get answers from Docebo authors and staff .
Regards
Message modified by : omid020 on : 26/02/2008 22:02
Our hosting account supporter said "
You have a phishing site on your account.
http://egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP
http://www.egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid>
&UsingSSL=1&email=&userid=
The programs that operate database-driven sites are vulnerable to
hackers, who can (and do) exploit bugs in those programs to gain
unauthorized access to your site.
Thene I removed all docebo file and phpmysql db. after that they have
reactivated our site. I checked the docebo sql files it is went more
that 50mb file size. So ican't backup the the db also. I have created
this sites for tamil docebo marketing and anothe one for India
international software developer conference (www.indiasoft2008.com)
But all files gone. That conferene will held on march 19th 2008. We
decided to show docebo on there conference (last year we showed docebo
on this conference without video and audio) Now we have created video,
flash online interactivity tools ( our own online interactivity
tools). It is developed by FMS3. Anyway I am trying to recover those
sites from my mind.
Rishi
www.vgrishi.com
Hello,
Our docebo site www.eclass4u.com has hacked with sombody. They said
this is the hacked person " eBay Offer for "Callaway Tour Blue 35"
Putter. We had started docebo forum. They have send lot of spam mail
from our docebo site.
We got one mail from hosting company see that:
From: <sup...@bluehost.com>
Date: Sat, Feb 23, 2008 at 11:24 AM
Subject: WEB HOSTING ACCOUNT DEACTIVATED for ECLASS4U.COM
To: nagaraja...@gmail.com
Dear Nagarajan:
Your web hosting account for eclass4u.com has been deactivated
(reason: terms of service violation).
Although your web site has been disabled, your data may still be
available.
If you feel this deactivation is in error, please contact customer
support as
soon as possible.
Thank you,
BlueHost.Com Support
http://www.bluehost.com
For support go to http://helpdesk.bluehost.com/
Toll-Free: (888) 401-4678
They have send details to me :
Unfortunately for a hacking issue there is nothing we can do about
this.
make sure you have all your files backed up and every time you get
hacked, simply replace the files effected.
you can also make sure that if you have any installation like
wordpress, phpBB, phpNuke, and so on that they are the current updated
version and not an older version. the older visions have security
holes and are venerable to hacking.
Also Chances are if your using php that there are issues with your php
scripts on your site. You need to make sure that you have looked into
the security protections on your php files. php injection is the most
likely avenue.
Then I removed all docebo files. and mysql db. after that they have
actiated our site. now it is working without docebo.
Now i want to say onething. Pls see this site also. www.egoverning.net.
goto this site you can see our site has deactivated for this issues.
Pls help me. How can i solve this isssue.
Fabio Pirovano
, we have released a fix for this problem some time ago, you can find it
in the bugtracker here, and also it will be included in the 3504 that we
hope to release this week or the next one
http://www.docebo.org/doceboCms/bugtracker/18_124/bugdetails/appid_24-bugid_198/bugtracker.html
the best way in order to backup large databases, imho, is to use the
mysqldump utility included in the mysql distribution.
Bye
Fabio
Rishi ha scritto:
David Piñeros
Rishi
Please see the following messgaes form our hosting company. Our
docebo site all hacked. wherever we had installed docebo all site has
hacked.
Docebo team please check this issue.
Following message from our Hosting company. ( alread i have shown one
message from bluehost)
Also we have suspended your site worldtamilnet.com as it is being used
to hack into our server. The docebocms is being used for the hack
purpose, so you are requested to remove any docebo installations you
have on any of your domains as it is a vulnerable application.
Best Regards,
Anne P.
http://www.AwareIndia.net
----------------------------------------------
Ticket ID: #687350
Subject: Re: Third Invoice Overdue Notice
Status: Answered
Ticket URL: http://www.awareindia.net/clients/viewticket.php?tid=687350&c=PDTyA5hd
----------------------------------------------
Rishi
On Feb 27, 8:50 pm, "David Piñeros" <david.pine...@gmail.com> wrote:
> Fabio
>
> Can be used this patch in docebo 3.0X ?
>
> David
>
> 2008/2/27, Fabio Pirovano <fa...@docebo.com>:
>
>
>
> > Hi RiIshi
> > , we have released a fix for this problem some time ago, you can find it
> > in the bugtracker here, and also it will be included in the 3504 that we
> > hope to release this week or the next one
>
> > the best way in order to backup large databases, imho, is to use the
> > mysqldump utility included in the mysql distribution.
>
> > Bye
> > Fabio
>
> > Rishi ha scritto:
>
> > > Object : Re: Our Docebo site hacked
> > > I have found just this issue related to 3.5.0.3 in web :
> > >http://www.securityfocus.com/bid/27211
> > > As I know you are a Docebo translator . So you can discuss about it in
> > > google group to get answers from Docebo authors and staff .
> > > Regards
> > > Message modified by : omid020 on : 26/02/2008 22:02
>
> > > Our hosting account supporter said "
>
> > > You have a phishing site on your account.
> > >http://egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP
>
> > > &UsingSSL=1&email=&userid=
>
> > > The programs that operate database-driven sites are vulnerable to
> > > hackers, who can (and do) exploit bugs in those programs to gain
> > > unauthorized access to your site.
>
> > > Thene I removed all docebo file and phpmysql db. after that they have
> > > reactivated our site. I checked the docebo sql files it is went more
> > > that 50mb file size. So ican't backup the the db also. I have created
> > > this sites for tamil docebo marketing and anothe one for India
> > > international software developer conference (www.indiasoft2008.com)
> > > But all files gone. That conferene will held on march 19th 2008. We
> > > decided to show docebo on there conference (last year we showed docebo
> > > on this conference without video and audio) Now we have created video,
> > > flash online interactivity tools ( our own online interactivity
> > > tools). It is developed by FMS3. Anyway I am trying to recover those
> > > sites from my mind.
> > > Rishi
> > >www.vgrishi.com
>
> > > Hello,
>
> > > Putter. We had started docebo forum. They have send lot of spam mail
> > > from our docebo site.
>
> > > We got one mail from hosting company see that:
>
> > > Date: Sat, Feb 23, 2008 at 11:24 AM
> > > Subject: WEB HOSTING ACCOUNT DEACTIVATED for ECLASS4U.COM
> > > To: nagarajan.vadi...@gmail.com
>
> > > Dear Nagarajan:
> > > Your web hosting account for eclass4u.com has been deactivated
> > > (reason: terms of service violation).
> > > Although your web site has been disabled, your data may still be
> > > available.
> > > If you feel this deactivation is in error, please contact customer
> > > support as
> > > soon as possible.
> > > Thank you,
> > > BlueHost.Com Support
> > >http://www.bluehost.com
Fabio Pirovano
have they tell you what kind of attack or some info about it ?
Rishi ha scritto:
Fabio Pirovano
different in the 3.0.x
bye,
Fabio
David Piñeros ha scritto:
> Fabio
>
> Can be used this patch in docebo 3.0X ?
>
> David
>
> 2008/2/27, Fabio Pirovano <fa...@docebo.com <mailto:fa...@docebo.com>>:
>
>
> Hi RiIshi
> , we have released a fix for this problem some time ago, you can
> find it
> in the bugtracker here, and also it will be included in the 3504
> that we
> hope to release this week or the next one
>
> http://www.docebo.org/doceboCms/bugtracker/18_124/bugdetails/appid_24-bugid_198/bugtracker.html
>
> the best way in order to backup large databases, imho, is to use the
> mysqldump utility included in the mysql distribution.
>
> Bye
> Fabio
>
> Rishi ha scritto:
>
> > Object : Re: Our Docebo site hacked
> > I have found just this issue related to 3.5.0.3 <http://3.5.0.3>
> in web :
> > http://www.securityfocus.com/bid/27211
> > As I know you are a Docebo translator . So you can discuss about
> it in
> > google group to get answers from Docebo authors and staff .
> > Regards
> > Message modified by : omid020 on : 26/02/2008 22:02
> >
> > Our hosting account supporter said "
> >
> > You have a phishing site on your account.
> >
> http://egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP
> >
> http://www.egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid
> <http://www.egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid>>
> > &UsingSSL=1&email=&userid=
> >
> > The programs that operate database-driven sites are vulnerable to
> > hackers, who can (and do) exploit bugs in those programs to gain
> > unauthorized access to your site.
> >
> > Thene I removed all docebo file and phpmysql db. after that they
> have
> > reactivated our site. I checked the docebo sql files it is went more
> > that 50mb file size. So ican't backup the the db also. I have
> created
> > this sites for tamil docebo marketing and anothe one for India
> > international software developer conference
> (www.indiasoft2008.com <http://www.indiasoft2008.com>)
> > But all files gone. That conferene will held on march 19th 2008. We
> > decided to show docebo on there conference (last year we showed
> docebo
> > on this conference without video and audio) Now we have created
> video,
> > flash online interactivity tools ( our own online interactivity
> > tools). It is developed by FMS3. Anyway I am trying to recover those
> > sites from my mind.
> > Rishi
> > www.vgrishi.com <http://www.vgrishi.com>
> >
> >
> > Hello,
> >
> > Our docebo site www.eclass4u.com <http://www.eclass4u.com> has
> hacked with sombody. They said
> > this is the hacked person " eBay Offer for "Callaway Tour Blue 35"
> > Putter. We had started docebo forum. They have send lot of spam mail
> > from our docebo site.
> >
> > We got one mail from hosting company see that:
> >
> > From: <sup...@bluehost.com <mailto:sup...@bluehost.com>>
> > Date: Sat, Feb 23, 2008 at 11:24 AM
> > Subject: WEB HOSTING ACCOUNT DEACTIVATED for ECLASS4U.COM
> <http://ECLASS4U.COM>
> > To: nagaraja...@gmail.com <mailto:nagaraja...@gmail.com>
> >
> > Dear Nagarajan:
> > Your web hosting account for eclass4u.com <http://eclass4u.com>
> www.egoverning.net <http://www.egoverning.net>.
> > goto this site you can see our site has deactivated for this issues.
> >
> > Pls help me. How can i solve this isssue.
> >
> >
> >
> >
>
>
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.516 / Virus Database: 269.21.1/1300 - Release Date: 26/02/2008 19.50
>
Rishi
Thank you
On Mar 12, 1:52 pm, Fabio Pirovano <fa...@docebo.com> wrote:
> If you need copy only the lib.regset file, the lib.lang.php was
> different in the 3.0.x
>
> bye,
> Fabio
>
> David Piñeros ha scritto:
>
> > Fabio
>
> > Can be used this patch in docebo 3.0X ?
>
> > David
>
> > 2008/2/27, Fabio Pirovano <fa...@docebo.com <mailto:fa...@docebo.com>>:
>
> > Hi RiIshi
> > , we have released a fix for this problem some time ago, you can
> > find it
> > in the bugtracker here, and also it will be included in the 3504
> > that we
> > hope to release this week or the next one
>
> > the best way in order to backup large databases, imho, is to use the
> > mysqldump utility included in the mysql distribution.
>
> > Bye
> > Fabio
>
> > Rishi ha scritto:
>
> > > Object : Re: Our Docebo site hacked
> > > I have found just this issue related to 3.5.0.3 <http://3.5.0.3>
> > in web :
> > >http://www.securityfocus.com/bid/27211
> > > As I know you are a Docebo translator . So you can discuss about
> > it in
> > > google group to get answers from Docebo authors and staff .
> > > Regards
> > > Message modified by : omid020 on : 26/02/2008 22:02
>
> > > Our hosting account supporter said "
>
> > > You have a phishing site on your account.
>
> > http://egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=SignInFPP
>
> > <http://www.egoverning.net/cacas/CARTEPRE/index.php?MfcISAPICommand=Si...>>
>
> > > The programs that operate database-driven sites are vulnerable to
> > > hackers, who can (and do) exploit bugs in those programs to gain
> > > unauthorized access to your site.
>
> > > Thene I removed all docebo file and phpmysql db. after that they
> > have
> > > reactivated our site. I checked the docebo sql files it is went more
> > > that 50mb file size. So ican't backup the the db also. I have
> > created
> > > this sites for tamil docebo marketing and anothe one for India
> > > international software developer conference
> > (www.indiasoft2008.com<http://www.indiasoft2008.com>)
> > > But all files gone. That conferene will held on march 19th 2008. We
> > > decided to show docebo on there conference (last year we showed
> > docebo
> > > on this conference without video and audio) Now we have created
> > video,
> > > flash online interactivity tools ( our own online interactivity
> > > tools). It is developed by FMS3. Anyway I am trying to recover those
> > > sites from my mind.
> > > Rishi
> > >www.vgrishi.com<http://www.vgrishi.com>
>
> > > Hello,
>
> > > this is the hacked person " eBay Offer for "Callaway Tour Blue 35"
> > > Putter. We had started docebo forum. They have send lot of spam mail
> > > from our docebo site.
>
> > > We got one mail from hosting company see that:
>
> > > Date: Sat, Feb 23, 2008 at 11:24 AM
> > > Subject: WEB HOSTING ACCOUNT DEACTIVATED for ECLASS4U.COM
> > <http://ECLASS4U.COM>
> > > To: nagarajan.vadi...@gmail.com <mailto:nagarajan.vadi...@gmail.com>
>
> > > Dear Nagarajan:
> > > Your web hosting account for eclass4u.com <http://eclass4u.com>
> > has been deactivated
> > > (reason: terms of service violation).
> > > Although your web site has been disabled, your data may still be
> > > available.
> > > If you feel this deactivation is in error, please contact customer
> > > support as
> > > soon as possible.
> > > Thank you,
> > > BlueHost.Com Support
> > >http://www.bluehost.com