Portal Forums Calendar Active Threads
Thread Like Summary
InlinersAdmin
Total Likes: 1
Original Post (Thread Starter)
Phishing attack from our UBB implementation
#265428 08/25/2022 2:34 PM
by InlinersAdmin
InlinersAdmin
Greetings . . .

The support folks over at Ipower have taken our web-presence down because of a Phishing attack that apparently originated from our site. The details can be found over at Netcraft:
https://incident.netcraft.com/685581256719/redirect_graph.html

Based on the URL it appears to involve changepfrefs.inc.php. I was just out in the filesystem. None of the php files have been touched since our upgrade back in February. So the codebase doesn’t appear to have been compromised.

Please advise on (if you can) on how to stop the offending redirects. Ipower will not put our site back online until we can assure them that this is fixed.

Regards,
Keith
Tech Services Admin,
Inliners International
Liked Replies
Re: Phishing attack from our UBB implementation
#265429 Aug 25th a 04:16 PM
by Philipp
Philipp
A quick workaround for this issue

Open /ubb/scripts/changeprefs.inc.php in an editor and replace the following line near at the end:
Code
header("Location: $curl");

with:
Code
	if( substr( $curl, 0, 2 ) == "//" ) {
	    header("Location: $curl");
	}

This will add an additional check for the curl parameter
1 member likes this
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
Bots
by Outdoorking - 04/13/2024 5:08 PM
Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM
Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM
This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM
Is UBB.threads still going?
by Aaron101 - 04/01/2022 8:18 AM
Who's Online Now
0 members (), 963 guests, and 237 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Stones
Stones
by isaac, August 19
Forum Rules · Mark All Read Contact Us · Forum Help · UBBCentral
Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)