Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-29, 00:21:59

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - BigWeb.EU

Pages: 1 ... 6 7 [8]
106
Kloxo-MR Bugs and Requests / Re: KLoxo MR was hacked
« on: 2014-07-03, 10:53:08 »
Have found newly created file :

/home/nginx/tpl/cgi-bin.php :

Code: [Select]
<?php

$descriptorspec 
= array(
=> array("pipe""r"), // stdin is a pipe that the child will read from
=> array("pipe""w"), // stdout is a pipe that the child will write to
=> array("pipe""w"// stderr is a file to write to
);

$newenv $_SERVER;
$newenv["SCRIPT_FILENAME"] = $_SERVER["X_SCRIPT_FILENAME"];
$newenv["SCRIPT_NAME"] = $_SERVER["X_SCRIPT_NAME"];

if (
is_executable($_SERVER["X_SCRIPT_FILENAME"])) {
<------>
$process proc_open($_SERVER["X_SCRIPT_FILENAME"], $descriptorspec$pipesNULL$newenv);

<------>if (
is_resource($process)) {
<------><------>
fclose($pipes[0]);
<------><------>
$head fgets($pipes[1]);

<------><------>while (
strcmp($head"\n")) {
<------><------><------>
header($head);
<------><------><------>
$head fgets($pipes[1]);
<------><------>}

<------><------>
fpassthru($pipes[1]);
<------><------>
fclose($pipes[1]);
<------><------>
fclose($pipes[2]);

<------><------>
$return_value proc_close($process);
<------>} else {
<------><------>
header("Status: 500 Internal Server Error");
<------><------>echo(
"Internal Server Error");
<------>}
} else {
<------>
header("Status: 404 Page Not Found");
<------>echo(
"Page Not Found");
}
?>


Is it smth KLOXO related ? Also I'm using Apache, not nginx ?

107
Kloxo-MR Bugs and Requests / Re: KLoxo MR was hacked
« on: 2014-07-03, 10:39:59 »
What do you mean by saying "Look like, 1 of websites already hacked"?

If you're talking about your hosting, then i would treat this as a security hole, if you are talking about my posted apache log - this is the only mention of that file in the log, however , on my hosting ALL domains got hacked (admin account) !

108
Hi, my Kloxo-MR ( ver  6.5.0.f-2013031808 ) VPS was hacked - all sites on admin accounts got "tgrl.html" file with content:

Code: [Select]
<html><head><title>Hacked By TurkTeam</title>
<link rel="SHORTCUT ICON" href="http://i.imgur.com/n54dIAD.gif">
<link href="http://fonts.googleapis.com/css?family=Orbitron" rel="stylesheet" type="text/css">
<link href="http://fonts.googleapis.com/css?family=Share+Tech+Mono" rel="stylesheet" type="text/css">
<style type="text/css">
 body { color:#04BA4C;background:url(http://3.bp.blogspot.com/-D6nQQ3d_wfw/Ts31QI5aQPI/AAAAAAAAAgA/mMEBDufqDpk/s1600/0_1_1.gif) repeat center center fixed black;}
 #q {font: 20px Share Tech Mono;color:darkgreen;}
.container > p {
<------>text-shadow: 0px 0px 20px #CC0000
}
.container > font {
<------>text-shadow: 0px 0px 20px #CC0000
}
#shadow {
<------>text-shadow: 0px 0px 20px #CC0000
}
</style>
<meta name="keywords" content="turkteam,hacked,defaced,hacked by turkteam,turkteam.org,hacked by turkteam.org">
</head>
<body>
<div class="container">
<br>
<center><br><br><br>
<font id="shadow" face="Orbitron" color="red" size="6">Hacked By </font></center><center>
<br><font id="shadow" face="Orbitron" style="  " color="red" size="6">TurkTeam</font><font style="  text-shadow: 0px 0px 20px #CC0000; " face="Orbitron" color="white" size="6">.Org</font></center><font face="Orbitron" color="white" size=
</font><center><br>
<img src="https://fbcdn-sphotos-c-a.akamaihd.net/hphotos-ak-xpa1/t1.0-9/10458112_331116590372224_7650303515172725644_n.jpg" width="600" height="250"></center><center><br>
 
 <p><font id="shadow" face="Orbitron" color="white" size="6" >Patlamaya Hazir
  </font></p>
  <p><b><font id="shadow" face="Orbitron" color="red" size="6" >Bomba</font></b></p>
</center><br><br><br>
<center>
<b><font  face="Orbitron" color="#04BA4C" size="5" style="  text-shadow: 0px 0px 20px #04BA4C; ">| S4cuRiTy EneMy | <font color="seagreen">Tgrl5000</font> | K37 King | G!4nT-C0d3 |</font></b></center>
<embed src="http://error-404.do.am/50256-h4ck3d.swf" width="0" height="0"></embed>
</div>
</body></html>

Happened on 28/06/2014 , almost no mentions in LOG files, except apache error log, which shows an attemt to access that tgrl file:

Code: [Select]
[Sat Jun 28 02:49:24 2014] [error] [client 157.55.39.208] File does not exist: /home/kloxo/httpd/default/robots.txt
[Sat Jun 28 02:51:28 2014] [error] [client 157.55.39.208] SoftException in Application.cpp:350: UID of script "/home/kloxo/httpd/default/index.php" is smaller than min_uid
[Sat Jun 28 02:51:28 2014] [error] [client 157.55.39.208] Premature end of script headers: index.php
[Sat Jun 28 02:56:15 2014] [error] [client 41.101.228.11] File does not exist: /home/kloxo/httpd/default/tgrl.html
[Sat Jun 28 02:56:16 2014] [error] [client 41.101.228.11] File does not exist: /home/kloxo/httpd/default/favicon.ico
[Sat Jun 28 02:56:18 2014] [error] [client 41.101.228.11] SoftException in Application.cpp:350: UID of script "/home/kloxo/httpd/default/index.php" is smaller than min_uid
[Sat Jun 28 02:56:18 2014] [error] [client 41.101.228.11] Premature end of script headers: index.php
[Sat Jun 28 03:16:59 2014] [error] [client 192.110.165.118] File does not exist: /home/kloxo/httpd/default/components
[Sat Jun 28 03:45:58 2014] [error] [client 157.55.39.208] SoftException in Application.cpp:350: UID of script "/home/kloxo/httpd/default/index.php" is smaller than min_uid
[Sat Jun 28 03:45:58 2014] [error] [client 157.55.39.208] Premature end of script headers: index.php
[Sat Jun 28 03:54:55 2014] [error] [client 123.151.149.222] SoftException in Application.cpp:350: UID of script "/home/kloxo/httpd/default/index.php" is smaller than min_uid
[Sat Jun 28 03:54:55 2014] [error] [client 123.151.149.222] Premature end of script headers: index.php
[Sat Jun 28 03:58:13 2014] [notice] Graceful restart requested, doing restart
[Sat Jun 28 03:58:16 2014] [notice] Digest: generating secret for digest authentication ...
[Sat Jun 28 03:58:16 2014] [notice] Digest: done

Any ideas would be appreciated.

109
Kloxo-MR Technical Helps / Re: Class 'MySQLi' not found
« on: 2013-04-01, 01:17:03 »
Hmm.. looks like

Code: [Select]
yum install php54-mysql

fixed it... I wonder why it was not there by default ?

110
Kloxo-MR Technical Helps / Class 'MySQLi' not found
« on: 2013-04-01, 01:00:01 »
Hi,

Tried both Final verison and dev version - with both 5.4 / 5.3 php i'm getting

Code: [Select]
Fatal error: Class 'MySQLi' not found

I assume there's one extension/module missing, but can't figure out which.

PLease help !

My php-v php-m :

Code: [Select]

# php -v
PHP 5.4.13 (cli) (built: Mar 15 2013 11:29:47)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
# php -m
[PHP Modules]
bz2
calendar
Core
ctype
curl
date
dom
ereg
exif
fileinfo
filter
ftp
gettext
gmp
hash
iconv
json
libxml
mbstring
mcrypt
mhash
openssl
pcntl
pcre
PDO
pdo_sqlite
Phar
readline
Reflection
session
shmop
SimpleXML
sockets
SPL
sqlite3
standard
tokenizer
wddx
xml
xmlreader
xmlwriter
xsl
zip
zlib

[Zend Modules]


111
Same goes for the i686 :

[code]

No log handling enabled - turning on stderr logging
Created directory: /var/lib/net-snmp/mib_indexes
/usr/bin/lxphp.exe: line 3:  4070 Segmentation fault      /usr/local/lxlabs/ext/php/bin/php -c /usr/local/lxlabs/ext/php/etc/php.ini $*

Creating Vpopmail database...
Prepare /home/kloxo/httpd...
Creating 'kloxo database'...
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
cp: cannot stat `/var/log/secure': No such file or directory
pure-ftpd: unrecognized service
Existing lock /var/run/yum.pid: another copy is running as pid 17436.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory :  14 M RSS ( 25 MB VSZ)
    Started: Sat Mar 30 12:06:17 2013 - 00:07 ago
    State  : Running, pid: 17436
Existing lock /var/run/yum.pid: another copy is running as pid 18104.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory :  32 M RSS ( 44 MB VSZ)
    Started: Sat Mar 30 12:06:34 2013 - 00:01 ago
    State  : Running, pid: 18104
Existing lock /var/run/yum.pid: another copy is running as pid 18122.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory :  26 M RSS ( 38 MB VSZ)
    Started: Sat Mar 30 12:06:36 2013 - 00:01 ago
    State  : Running, pid: 18122
No Match for argument: MariaDB*
[/code ]

Any fixes for that ?

BTW - the DEV verison looks works fine on 64bit release

112
Rebooted , when trying to /script/upcp it breaks at:

Code: [Select]
Fix the secure logfile
- Fix process
/script/upcp: line 3:  1998 Terminated              lxphp.exe ../bin/update.php


for /script/cleanup :

Code: [Select]
Remove Old dirs
- Remove process
Initialize Some Binary files
- php-cgi binary already installed
- Symlink /usr/local/bin/php already exists
/script/cleanup: line 3:  3194 Terminated              lxphp.exe ../bin/common/cleanup.php

probably something went wrong ?

(I tried on  64 bits  openvz image)

113
Thanks, looks like it pasess til the end now . Just in case - i got these lines at the end of install - is this something very bad, or I can continue using kloxo ?:

Im talking about segmentation fault :

Code: [Select]
No log handling enabled - turning on stderr logging
Created directory: /var/lib/net-snmp/mib_indexes
/usr/bin/lxphp.exe: line 3:  4095 Segmentation fault      /usr/local/lxlabs/ext/php/bin/php -c /usr/local/lxlabs/ext/php/etc/php.ini $*

Creating Vpopmail database...
Prepare /home/kloxo/httpd...
Creating 'kloxo database'...
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
cp: cannot stat `/var/log/secure': No such file or directory
Existing lock /var/run/yum.pid: another copy is running as pid 17774.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory :  19 M RSS (207 MB VSZ)
    Started: Sat Mar 30 11:47:37 2013 - 00:03 ago
    State  : Running, pid: 17774
Existing lock /var/run/yum.pid: another copy is running as pid 18115.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory :  50 M RSS (244 MB VSZ)
    Started: Sat Mar 30 11:47:48 2013 - 00:02 ago
    State  : Running, pid: 18115
No Match for argument: MariaDB*

Congratulations. Kloxo-MR has been installed succesfully as master
...


114
Confirm - does not install on either Centos 6 (86 or 64 bit - doe not matter) .
from http://openvz.org/Download/templates/precreated

used centos-6-x86.tar.gz  and centos-6-x86_64.tar.gz  - both are failing with :

Code: [Select]
Error: Package: php-mbstring-5.3.3-22.el6.x86_64 (base)
           Requires: php-common(x86-64) = 5.3.3-22.el6
           Installed: php-common-5.3.23-1.el6.x86_64 (@kloxo-mr-centalt)
               php-common(x86-64) = 5.3.23-1.el6
           Available: php-common-5.3.3-22.el6.x86_64 (base)
               php-common(x86-64) = 5.3.3-22.el6
           Available: php-common-5.2.17-29.el5.x86_64 (kloxo-mr-centalt)
               Not found
Error: Package: pure-ftpd-1.0.36-5.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libpq.so.4()(64bit)
Error: Package: lxphp-5.2.17-8.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libc-client.so.1()(64bit)
Error: Package: 1:mod_ssl-2.2.23-3.el5.x86_64 (kloxo-mr-centalt)
           Requires: libdistcache.so.1()(64bit)
Error: Package: lxphp-5.2.17-8.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libltdl.so.3()(64bit)
Error: Package: lxphp-5.2.17-8.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libnetsnmp.so.10()(64bit)
Error: Package: lxphp-5.2.17-8.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libpq.so.4()(64bit)
Error: Package: php-devel-5.3.3-22.el6.x86_64 (base)
           Requires: php(x86-64) = 5.3.3-22.el6
           Installed: php-5.3.23-1.el6.x86_64 (@kloxo-mr-centalt)
               php(x86-64) = 5.3.23-1.el6
           Available: php-5.3.3-22.el6.x86_64 (base)
               php(x86-64) = 5.3.3-22.el6
           Available: php-5.2.17-29.el5.x86_64 (kloxo-mr-centalt)
               Not found
Error: Package: lxphp-5.2.17-8.mr.el5.x86_64 (kloxo-mr-release-version-arch)
           Requires: libcurl.so.3()(64bit)
Error: Package: 1:mod_ssl-2.2.23-3.el5.x86_64 (kloxo-mr-centalt)
           Requires: libnal.so.1()(64bit)
 You could try using --skip-broken to work around the problem
** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows:
cronie-1.4.4-7.el6.x86_64 has missing requires of /usr/sbin/sendmail
YUM Gave Error... Trying Again...


Please help - as need Centos 6 for PHP 5.3.4 (I dont think centos 5 supports it ?)

Pages: 1 ... 6 7 [8]

Top 10 Social Networking:    Facebook    Twitter    LinkedIn    Pinterest    Google Plus    Tumblr    Instagram    VK    Flickr    Vine
Click Here

Page created in 0.033 seconds with 20 queries.

web stats analysis