Jump to content

Vicar

Members
  • Posts

    13
  • Joined

  • Last visited

Vicar's Achievements

Newbie

Newbie (1/14)

1

Reputation

  1. I never made any reference to vcal.org.uk, nor discussed it. I quoted olny my website moosedomain.net.
  2. Thanks again. How do you check my site against the IP to get the return address 77....? When I entered my website domain (www.moosedomain.net) I always get the correct data. I did that, and I got the correct address in return: Also: Verification at: http://whois.domaintools.com/moosedomain.net returns correct data too. Kind regards, Rafal
  3. Thanks for help. My server IP is not 77.235.50.205, its 89.146.199.179. (www.moosedomain.net) In a sense of functionality, it does serve multiple internet accounts, ie. the ISP offers hosting to more than one account. In this sense it is shared. But he swore to death today that malware scans report problems only with my account/website, which is not shared or inter-related with any other one. I do not lease/more any other webspace account/server. Passwords. no matter how often we change them, are available once the site is peremeated, since they are stored in ... well, we know where. I have neither the patched version of the ofc_upload_image.php file not the old one. I use no email related to this site. FTP and MYSQL passwords were changed first after the first attack, then again this morning, and then after the second. Few moments later the third exploit came in. If there is another site on the server that is compromised that has access to my directory, possibly through the links created by a symlink attack, how can I react to that/detect/remove the threat? Interestingly I got notified by email from apparently from http://www.internetidentity.com. Not signed with the name. The notiofication was on the illegal content on my site (phishing). They requested . I did not send anything, but replied that the malicious stuff had been removed. 10 mins later (after the site cleanup, and changing passwords) I got another email from them that the site has been hacked again. And this was true...PS/EDIT: The history of FTP connection logs from the last few days show only my home and work IP numbers,.
  4. No. it's not shared. A commercial one, leased and fully paid for. I talked to the ISP, he knows my problem, they verified, on my request, the security of my account on the shell /root level. As you see in my first post -> the quote -> they seem to be trying to use the previous method. And using that before, they still did get access to my (and not only my, but other victims') root directory, where ICA placed the infamous index.php with their page.
  5. I am helpless. Right after I finished this post they attacked again. I keep getting warnings from the bank they phished.
  6. After the first exploit I deleted the file "ofc_upload_image.php" from the "php-ofc_library" folder. Did not help for long. Within the last 24 hrs I found 3 foreign folders in the root library, some foreign files in admin/modules/settings, 3 zipped packages containing files that had been unpacked to the foreign folders. The final effect of the exploit was fully working phishing site. Luckily my website itself has been left intact. I installed the update now, but being a layman, though, I presume that if the "ofc_upload_image.php" did not exist on my site during the yesterday's exploit, they must have another way to get through. Correct me if I'm wrong. (I checked FTP, there are no suspicious connections. Here's the log of 24 hrs connections to the website. It does show their activity, e.g. attempts to use the infamous "ofc_upload_image.php" file, which was not in there (unless it ha been placed there and then removed by the exploiters). But with my knowledge, I cannot work out how they sneaked in, maybe someone will be able to make a better use of it to plug the hole for good. http://www.moosedoma...et/imgs/log.txt The suspicious activity seems to be observed with my IT-half-blind eyes is and from then on.
  7. Good to know, thank your for your info, please keep us posted. Great many thanks, Rafal
  8. Hi Ray, yes, indeed, you are right, but for now a simple solution to spend some of the revenue via a "one-time" expense, so far, could do a lot. Maybe someone could give us a helping hand to script it out. Rafal
  9. Hi all, I've been wondering if there is a way to make use of the revenue made by the airline. I've installed the pilot shop and it's working fine with pilots' money, but is it possible to use the total VA revenue in any way? Let's say the VA is buying a new aircraft - a good opportunity to decrease the revenue. A good solution would be to add one-time, single expense to the expense list, the thing is ... my php knowledge yet too limited, although I'm trying as I might. Could anyone advise or suggest a code snippet/modification?
  10. Hello Nabeel, thank you for your reaction. Can you give exact steps to reproduce? How was the PIREP submitted, along with exact times, and the times for ranks I set the rank system to achieve the second rank after flying 10 hours. In the in the admin "ranks" sections I filled the required hours to 10 (not 10:00, or 1,0 nor 1.00). Then I placed a test pirep manually, providing the flight time (and other info). The reported flight time - 1.02. Then I flew using FSFkeeper to report a pirep.The reporting went nicely, the flight time was 1 hr 50 mins, the time reported: 1.50. Now the pilot center summary shows my total flight time as 2.52 and the remaining time to the next rank - 7.48 Similar situations with other pilots, but I have no idea, which acars reporting system they used. You can verify in the pilot section: www.moosedomain.net/phpvms. My pilot number is MSE0001. Thank you for assistance. Vicarek.
  11. Thank you, Jeff. That's what I thought at the beginning. But the total flight duration reported through pireps was 0:48. And, as we did a test flight, this was acurate time of light - 48 minutes. The pilot still has 9.52 hrs to get the next rank.
  12. Hi all, at first please excuse me if I have miseed a thread (topic) that might have already been posted on the issue. If so, please, redirect me there. I have only recently downloaded and installed the phpvms script set, customised it a bit (graphics, font colours, etc, no action coding, though). I have also set up a rank system, and started receiving PIREP reports. Then, pilots report that the time left to achieve the next rank (set to 10 hrs) has been calulated as if 1 hr were equal 100 mins, for example, a pilot has flown his first flight, reported (via pireps) that the flight time was 0.48 min. The remaining flying time to achieve the next rank (set o 10 hrs) was dispalyed as 9.52. Indeed, I checked, I am not an expert in php coding, but I am an avid learner and I'd be grateful of someone could give me a hand to sort it out. Kind regards to all, Rafal.
  13. Well, I did change some settings, exactly as quoted, but no visible effect. Missed anything ?
×
×
  • Create New...