SA-MP Forums

Go Back   SA-MP Forums > Other > Everything and Nothing

Reply
 
Thread Tools Display Modes
Old 26/11/2009, 11:06 PM   #1
Eazy_Efolife
High-roller
 
Join Date: Aug 2009
Posts: 1,206
Reputation: 9
Default PHP Code [TROJAN?] Where?

I'm getting complaints from people who went to http://ucp.south-westrp.com/UCP.php and they said there received Trojan warning from AVAST, Can someone look at this code and see where the problem is at?

Code:
<html>
<head>
<?php
  
  $sql = mysql_connect("BLOCKED", "BLOCKED", "BLOCKED");
  mysql_select_db(BLOCKED, $sql);
  if($_POST["fname"] && $_POST["ppassword"]) 
  {
    if(!isset($_POST['fname']) || !trim($_POST['fname'])) die('Please enter a name.');
    //foreach($_POST as $name=>$val) 
    // {
    //  $_POST[$name] = mysql_real_escape_string($val);
    //}
    $fname = $_POST["fname"];
    $ppassword = $_POST["ppassword"];
    $sql = mysql_query("SELECT * FROM players WHERE Name = '$fname' AND Password = '$ppassword' LIMIT 1");
    if(mysql_num_rows($sql)>0) 
    {
      echo("You are logged in!");
    }
    else 
    {
      echo("Password does not match, or there is no account!");
      return 0;
    }
  }
  else
  {
    echo("Password does not match, or there is no account!");
    return 0;
  }
?>

<?php
      $sql = mysql_connect("BLOCKED", "BLOCKED", "BLOCKED");
      $select = "SELECT * FROM players WHERE Name = '".mysql_real_escape_string($_POST['fname'])."'";
      $query = mysql_query($select) or die('MySQL error: '.mysql_error());
      mysql_select_db(BLOCKED, $sql);
      while($list = mysql_fetch_array($query)) {
      	?>
      	<div style="color: #FFFFFF;">
          Name: <?=$list['Name']?><br />
      		Level: <?=$list['PlayerLevel']?><br />
      		Admin Level: <?=$list['AdminLevel']?><br />
      		Moderator: <?=$list['Moderator']?><br />
      		Helper: <?=$list['Helper']?><br />
      		Money: <?=$list['Cash']?><br />
      		Skin: <?=$list['Skin']?><br />
      		Faction ID: <?=$list['Faction']?><br />
      		Faction Rank ID: <?=$list['Rank']?><br />
      		House Key: <?=$list['HouseKey']?><br />
      		Rent House Key: <?=$list['RHouseKey']?>
      	</div><br />
      	<?php
      }
      ?>
      
</head>
<body>
<p><center><b>_</center></p>
<body background="http://img43.imageshack.us/img43/7428/hometu.jpg">
</body>
</html>
edit: Someone told me it was Iframe, How do I remove it? ( The IFrame?)
Eazy_Efolife is offline   Reply With Quote
Old 26/11/2009, 11:11 PM   #2
J.W.
Big Clucker
 
Join Date: Aug 2009
Posts: 130
Reputation: 0
Default Re: PHP Code [TROJAN?] Where?

Hm, I get this warning usually if the Site has some popups with wierd content, do you have any popups, advertisements on your site?
J.W. is offline   Reply With Quote
Old 26/11/2009, 11:11 PM   #3
Eazy_Efolife
High-roller
 
Join Date: Aug 2009
Posts: 1,206
Reputation: 9
Default Re: PHP Code [TROJAN?] Where?

Quote:
Originally Posted by WwW
Hm, I get this warning usually if the Site has some popups with wierd content, do you have any popups, advertisements on your site?
No
Eazy_Efolife is offline   Reply With Quote
Old 26/11/2009, 11:12 PM   #4
KevKo95
Banned
 
Join Date: Jan 2008
Location: Ontario, Canada
Posts: 471
Reputation: 0
Default Re: PHP Code [TROJAN?] Where?

Also recieved a warning from AVG and McAfee SiteAdvisor actually pulled me away from the site, because it breaches security. The trojan is coming from this page:

Code:
jl.chura.pl/rc
Any idea what that is?

Edit: The problem does not appear to be from the page, I can't find anything to do with iFrames in there. It might be coming from your SQL database.
KevKo95 is offline   Reply With Quote
Old 26/11/2009, 11:13 PM   #5
Eazy_Efolife
High-roller
 
Join Date: Aug 2009
Posts: 1,206
Reputation: 9
Default Re: PHP Code [TROJAN?] Where?

Quote:
Originally Posted by Kevin Fallow / KevKo
Also recieved a warning from AVG and McAfee SiteAdvisor actually pulled me away from the site, because it breaches security. The trojan is coming from this page:

Code:
jl.chura.pl/rc
Any idea what that is?
How can i get that page away from me?
Eazy_Efolife is offline   Reply With Quote
Old 26/11/2009, 11:20 PM   #6
J.W.
Big Clucker
 
Join Date: Aug 2009
Posts: 130
Reputation: 0
Default Re: PHP Code [TROJAN?] Where?

I found this, maybe it helps you.

http://www.110mb.com/forum/virus-ifr...-t44038.0.html
J.W. is offline   Reply With Quote
Old 27/11/2009, 12:56 AM   #7
Eazy_Efolife
High-roller
 
Join Date: Aug 2009
Posts: 1,206
Reputation: 9
Default Re: PHP Code [TROJAN?] Where?

Quote:
Originally Posted by WwW
I used 110MB before, maybe i caught it from there?
Eazy_Efolife is offline   Reply With Quote
Old 27/11/2009, 03:24 AM   #8
J.W.
Big Clucker
 
Join Date: Aug 2009
Posts: 130
Reputation: 0
Default Re: PHP Code [TROJAN?] Where?

Quote:
Originally Posted by [SOMM
Compton's Eazy E ]
Quote:
Originally Posted by WwW
I used 110MB before, maybe i caught it from there?
I don't know but from what I've read on different boards, it's a virus which injects hmtl, php or even java scripts on your computer, I guess you created the UCP yourself, the virus is probably on your computer.
J.W. is offline   Reply With Quote
Old 27/11/2009, 03:26 AM   #9
Eazy_Efolife
High-roller
 
Join Date: Aug 2009
Posts: 1,206
Reputation: 9
Default Re: PHP Code [TROJAN?] Where?

Quote:
Originally Posted by WwW
Quote:
Originally Posted by [SOMM
Compton's Eazy E ]
Quote:
Originally Posted by WwW
I used 110MB before, maybe i caught it from there?
I don't know but from what I've read on different boards, it's a virus which injects hmtl, php or even java scripts on your computer, I guess you created the UCP yourself, the virus is probably on your computer.
damn =/ Well Whenever i upload one to my website hoster, I just edit the code on the website hoster and delete the code and it works I'm going to scam my computer in a sec and see if this virus goes away
Eazy_Efolife is offline   Reply With Quote
Old 27/11/2009, 03:31 AM   #10
iLinx
High-roller
 
Join Date: Jun 2009
Location: Toronto
Posts: 1,523
Reputation: 155
Default Re: PHP Code [TROJAN?] Where?

try a different webhost - 110mb sucks ass, infact all free web hosting sucks imho.
http://justhost.com
http://bluehost.com
^2 of the best rated cheap webhosts on the internet, ive used jh for around 6 months, never had any downtime or lag, if you need a cheap host you should go to them
__________________
Servers in Arizona, Virginia, Quebec (Canada), United Kingdom, Netherlands. Over 12,000 served. Free cPanel web hosting is included with ALL servers. Facebook. Twitter.
iLinx is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trojan.Win32.Agent.dfdu in samp-server.exe DizeL-ZR- Server Support 26 11/01/2010 10:22 PM
Trojan.Win32.Agent.dfdu in samp-server.exe omm Server Support 3 08/01/2010 02:33 PM
sa-mpserver.exe detected as a Trojan? Giacomand Server Support 11 20/12/2009 03:19 PM
Trojan bots Sayaron Server Support 6 20/08/2009 09:43 PM
cannot download samp client (Trojan:Win/Stration.A!dll) valgaard_diablo Client Support 5 16/04/2009 12:07 PM


All times are GMT. The time now is 03:00 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.