EricNguyen

Hi Nabeel and all, We have been hit several time now by hackers. However, as most people, I do only work for my VA when there is demand, and I cannot monitor the forum. Would it be therefoe possible to establish a list of people to be informed whenever a vulnerability and a security issue is found ? In order to make sure of the bona fide, we could check the person member of the list has a valid VATSIM/IVAO member number. Do you think this would be good ? Thanks, Eric

Hello all, Just to inform, we found our PHPVMS hacked again today, despite removing the chart php script. We are investigating what was changed in our scripts. Eric

Hello, Our VA got hacked too, they installed a massmailer and file controller. fortunately I have an older version of the site and did a check using MD5deep (a tool to compute md5 hash) bewteen the 2 versions. hence I could find our which files were added or modified. to generate signatures from an old copy of phpvms: md5deep -l -r phpvms > old.txt To generate a report on the hacked version md5deep -l -r -x old.txt phpvms_hacked Quick and it will compare file content .... Now I would like to use the new ofc_upload_image.php is the correct version dated 30-09-2013 ? I can find it in http://downloads.phpvms.net/phpvms.update.zip Right ? Thanks Eric Air Inter VA