halfpint

Some fucker hacked my website and deleted the whole fucking website, fucking hacker scumbags, This is total bullshit, so anybody who has links to my site, it will be back up within 24 hours

__________________

Get FREE website listings on Cryptocoinshops.net

ridikuloz

ouch.... nice directory :X

__________________
Each persons' level of stupidity makes us different.

Babaganoosh

If people would secure their shit...

Lets start by setting

Options -Indexes

__________________
I like pie.

halfpint

Ok so please help me out here with security issues as i am a noob at this game and any security help would really be apreciated

__________________

Get FREE website listings on Cryptocoinshops.net

TubeTitans_SusieQ

that sucks, hope you get it fixed!

__________________





ICQ: 370399852

fatfoo

yea how do you secure shit?

__________________
Send me an email: [email protected]

halfpint

Thanks, I do regular backups and so does the server, its just so bloody annoying , and inconvenient

__________________

Get FREE website listings on Cryptocoinshops.net

drocd

black hackers?

__________________
230-699

halfpint

what do you mean by black hackers?

__________________

Get FREE website listings on Cryptocoinshops.net

G-Rotica

hackers suck. if you're a hacker reading this, I didn't mean that. please leave my shit alone.

__________________

pornpf69

1st thing upload and INDEX page to your site!

__________________

Cash X | OK Pay | Pukka Ropes | Pukka Fetish | STRAPED BLOG | Male Bound and Fucked

halfpint

__________________

Get FREE website listings on Cryptocoinshops.net

Extreme John

that sucks man hopefully youll get everything up quick.

__________________
Florida Honnies - Extreme John


51299342

halfpint

Thanks im doing that now

__________________

Get FREE website listings on Cryptocoinshops.net

Martin3

Ditch the virtual server and get a decent managed dedicated.

__________________
264-543-302

halfpint

wish i could but i cant afford that I have only had the website on the net for just over 4 months and I have only just started making a few pennies out of it, then all this shit happens

__________________

Get FREE website listings on Cryptocoinshops.net

halfpint

Thanks, should all be up and running again within 24 hours , I have found all sorts of strange files in my public_hml directory, lol and they changed all the directory and file permissions

__________________

Get FREE website listings on Cryptocoinshops.net

inabon

where are you hosting that site?

__________________
Whoever dies with most toys wins.

halfpint

Hi its on hostgator..Why?

__________________

Get FREE website listings on Cryptocoinshops.net

HairToStay

What was exploited in this "hack"?

halfpint

They deleted the whole website, I have only uploaded the index at the moment, The server host is doing the reinstall as they have the most recent backup of the website

__________________

Get FREE website listings on Cryptocoinshops.net

riabanana

Bad times man...

__________________
Vibrators, dildos, cock rings and all other sex toys? We've got them ALL for you.

http://venustoys.com

halfpint

Found some pretty weird files in my public html folder

these are some of the names

.zshrc
.canna

__________________

Get FREE website listings on Cryptocoinshops.net

TeenCat

funny

__________________

halfpint

one of them had all this funny chinese writing in them lol

__________________

Get FREE website listings on Cryptocoinshops.net

C-Bass

You's g0t di h4x0r3d

__________________
"Unhappy with the riches 'cause you're piss poor morally."

Trade traffic? - Highdef Blog

halfpint

[QUOTE=Spotter_03;13011354]You's g0t di h4x0r3d



I cannot fault hostgator they have reinstalled evrey thing and done it real quick, really great support from them

__________________

Get FREE website listings on Cryptocoinshops.net

CaptainHowdy

Good to know !

__________________
Vacares - Web Hosting, Domains, O365, Security & More - Paxum and BTC Accepted

Windows VPS now available
Great for TSS, Nifty Stats, remote work, virtual assistants, etc.

halfpint

Thought i would just say a thankyou to hostgator for their great support and change my sig..and maybe get other peeps to sign up

__________________

Get FREE website listings on Cryptocoinshops.net

sortie

Dude, unless you have some bad cgi scripts you installed then it's totaly your hosting companies falut. The hackers most likely got in because you had a weak password or you have an old version of SSH installed on the server.

Your host should detect the attempts at your password and shut login down and they should have the lastest SSH installed.

__________________

halfpint

I think a lot of it was my fault, I was messing about with some cgi scripts, one which was yours and i had changed some of the directory and file perrmissions, so I guess this made it much more easyier to hack the site

(not your scripts fault btw its was my stupidity i guess)

__________________

Get FREE website listings on Cryptocoinshops.net

sortie

Damn dude, you never ran the script so it can't be hacked.

Hackers can't do anything with bad file permissions unless they are actually on your server already.

File permissions stop other accounts on your server from writing to your files.
And if your server is partioned to private virtual account that shit don't even matter because nobody can even get a path to your account to even attempt to write.

FACT: If you have to chmod to keep others from writing to your files then your hosting is SHIT!!

But hey, you will not listen...so good luck.

__________________

halfpint

Ok i also recieved this from the tech guys "but keep in mind if your scripts have SQL injection or other vulnerabilities this isn't something we can really actively scan for. You'll need to keep any scripts and/or CMS systems you have installed updated to the latest versions"
also I was playing with another script which i did install and ran what I said was it had nothing to do with your script..unless you cant read, I also said that it was most probally my stupidy for leaving the directories/files vunrable

__________________

Get FREE website listings on Cryptocoinshops.net

directfiesta

They are right.
A lot of open source scripts ( Wordpress,joomla,etc...) have holes that hackers use to either change your front page or delete your site.
Keep your scipts up-to-date and lower as much as possible the permission of your folders.

__________________
I know that Asspimple is stoopid ... As he says, it is a FACT !

But I can't figure out how he can breathe or type , at the same time ....

tony286

man that sucks.

halfpint

Thank you. The script which i installed was nothing to do with the cgi tube, it was a topsite script, and as sortie stated i could not install his script as it gave me an internal server error and because i was mesing about with scripts I was changing directory perrmissions and did not put them back so this just makes it all the more easeir for some one to do what they did

__________________

Get FREE website listings on Cryptocoinshops.net

halfpint

Haha do you want to know what is funny about this, because pornpf69 sugested i upload my index page before the website was reinstalled I got a signup from my index page, nothing big, but it was a signup, suppose it was because the users had nowhere else to go on the website but the index page, so after all this crap it actually turned out not so bad, maybe this is the way to go a one page website.....

Thanks guys for your help

__________________

Get FREE website listings on Cryptocoinshops.net

TeenCat

hey man what about to leave internet and bake some cookies? ;)

__________________

ladida

Clueless. Refrain from giving advices on these matters.

__________________
agentGFY *at* gmail.com

drjones

Hackers can do plenty if you are publicly serving world writable directories and files through your webserver. No shell access needed.

__________________
ICQ: 284903372

Libertine

Note to self: stay the fuck away from TubeCGI... the guy who made it knows absolutely nothing about computers.

__________________
/(bb|[^b]{2})/

sortie

Ok, please explain how a hacker who cannot get in thru SSH or a script or a server port can write to any directory.

I would like to know this.

Didn't the wordpress hacks etc... all involve the script accepting data from an html page and then executing it, which is a no-no. They fixed that issue as soon as they realized the mistake.

I'm serious, please explain. I'm not being sarcastic. If you have this information then please share it so people can protect themselves.

__________________

sortie

Yeah, they can do plenty without shell access but doesn't it mostly involve feeding something to a script that executed it and they gain access that way.

They could flood the old version of SSH and cause integer overflow which allowed them server access without a password.

What have you seen that was different then that?

I mean, if you know then don't keep it a secret and let us all get hacked.

__________________

sortie

http://resources.bravenet.com/articl...php_script s/


Have a good day.

__________________

halfpint

Hi just an update on what has happened The tech guys sent me this

This appears to be telnet script which allows the user to remove files. I have disabled these scripts from the cgi-bin and blocked the connecting IP. I am also showing that this user connected to the toplist scripts,
If this script is not being used, I would recommend removing the toplist scripts from your account.

I had an idea it was this stupid topsite script that caused it, the name of the toplist is "Best Top List" so stay away from it it is bad news

__________________

Get FREE website listings on Cryptocoinshops.net

halfpint

BTW The IP address is showing up from Mauritius
Africa but whois is to know that this is their real IP but glad they sorted it

__________________

Get FREE website listings on Cryptocoinshops.net

alby_persignup

that shit hurts! sucks

__________________
OnProbation Links Directory | OnProbation Design Services | OnProbation Cash

Libertine

It's all about maximum security.

The reason you always set permissions as low as possible is so that, for example, you have some added security against badly written scripts.

Every programmer knows, or should know, that mistakes can and will slip through. By using security at every level, you can prevent those mistakes from becoming disasters.

You use low permissions for the same reason you don't keep unencrypted user passwords in your database: to make sure that if someone manages to slip through, he can do as little as possible.

__________________
/(bb|[^b]{2})/

Libertine

From your own damn link:

__________________
/(bb|[^b]{2})/

halfpint

Yeah its a pain in the arse but most of it was my own fault for installing a crappy script in the first place, it has taught me not to use free scripts and from what i saw of the script that was deleteing my pages it was actually looking for files, it had commands like this

'find suid files'
'find config* files'
'find all writable files'
'find all writable directories'
'find all service.pwd files'
'show opened ports'

and a load more, Im not gonna post them all here

Pretty mad but I have learned a good lesson from this, like i would never get hacked, its always somebody else, and anyway why would someone hack a small site like mine so just watch what scripts you install

__________________

Get FREE website listings on Cryptocoinshops.net