Jump to content
xisto Community
YungOdo

My Site Was Hacked!

Recommended Posts

Through all my troubles of getting to the cpanel of my account and accessing my site come to find out its been hacked, this is what it said on the index.php page of my forum..

 

Hack By: lulu_akita and nghia_dia_tinh_yeu92

 

 

Sorry admin host ......

 

 

Hi Hi!


i've deleted everything i had in the public_html...these bastards i hate hackers.. now i have to change all my passwords :P

Share this post


Link to post
Share on other sites

The trap takes security quite seriously and you need to be just as concerned about it.Do you have any details about this event that the Server Admins need to know about? Was there a breach through the server defenses? Or was it a couple of buddies that guessed your password?What makes you think it was a "hacker" and not a friend who knew the password?

Share this post


Link to post
Share on other sites

I would wonder why someone would go hacking into another person's site? Just for the fun of it? You just wake up one morning and instead of thinking to do one good thiing for that day, all you could think of was to go destroy something someone else has taken his time, ideas, knowledge and zeal to build.That aint good at all and people should stop it.

Share this post


Link to post
Share on other sites

The trap takes security quite seriously and you need to be just as concerned about it.
Do you have any details about this event that the Server Admins need to know about? Was there a breach through the server defenses? Or was it a couple of buddies that guessed your password?

What makes you think it was a "hacker" and not a friend who knew the password?


Im sure it was a hacker because nobody i know personally would do this and its near impossibly to even try to guess my password.. Once i got to my home page i was "shocked" because i never thought i would get hacked plus i've worked hard on it, but Oh well :P

Share this post


Link to post
Share on other sites

Was your site made with PHPNuke or another system like that? If so, you dont have to change your passwords but you do need to follow when new releases of those system are released and you need to be sure to upgrade. Also you need to add plugins that help protect against sql injections and so forth since they are a very common way to hack a site. Just google the system you are using (whether it is a forum or whole site system) and hacking to get ways to protect your site.

Share this post


Link to post
Share on other sites

This is why I always keep a copy of all of my websites locally on my harddrive :PThis sounds like these two just decided to have some fun and see what kind of havoc they could cause. I agree sometimes website hacking and sql injection can be fun but I never do it on a real person's website. It's more fun to use simulations like hackthissite.org. Whoever did this is pathetic that they have nothing better to do than wreck what others have worked on. Good luck rebuilding your site :D

Share this post


Link to post
Share on other sites

If you installed custom scripts or used any free scripts to run your site, i.e. Joomla or PHPNuke, you must update with the latest patch otherwise security holes can leave potential juveniles to mess with your hard work.That's hardly any hacking really--just them knowing you installed outdated scripts on your site.Please know the current security issues with any scripts you install, and double check your customized script. We're here to test it out for you in the friendly environment :P

Share this post


Link to post
Share on other sites

If it's files that were messed with just permission them to 444. You yourself won't be able to overwrite them unless you manually change them but your site is safe from script kiddies. I've had a site hacked once - a person added adds and redirects on the site to various advertisements in key PHP scripts. I just overwrote them with the originals and permissioned them to 444 and everything worked out great. Apparently they couldn't figure out how to use Unix. The hacking stopped after that after two days of that in a row of that issue happening. A changed password also helps a lot. The more it looks like you rolled your head on the keyboard, the more secure it is. I wouldn't be too concerned about changing the password in Joomla as the password to your FTP. That's where it looks like they did the damage. I stupidly had my index.php of my forum script set to 777 and they just replaced the thing with text. Usually it's nothing extremely harmful like lost data from my experience - just guys that like to replace things in scripts so they are noticed. The MySQL database isn't even touched. You can easily fix those problems by overwriting the scripts.

Share this post


Link to post
Share on other sites

Well, other then what i can see, it looks like its your fault not Xisto. As Xisto is most likely (from what i've heard/seen) hosted on Opaque's and maybe buffalo's computer. Only way you could be hacked is if BF or Opaque would do it, or somebody does something to their computer. However, I doubt neither of th ose happened, as buffalo and opaque are both trustworthy, and would have no need for it. Therefore it lies into your password or failing to have good scripts/sql injection protection. As said before, make all the files you NEED 777, and all th eones you don't really need permissions set to 444. That way its harder to have sql injections, and then you'll just need a better password. If you are using a forum system like a newer one, get a better one until the other one gets more updated. By newer i mean those that have just started.

Share this post


Link to post
Share on other sites

Well, faults or no faults... let's use this situation to learn. I hope that YungOdo's hard work on making a site didn't go to a waste.We're here to support and trade tips and tricks (but not pointing fingers :P just some constructive suggestions). YungOdo let us know what you installed and perhaps we can make it secure it better.As for your hosting servers: it is neither near OpaQue or I :D They're located in somewhere deep beneath the Earth under secure settings where they are among their own kinds ha ha ha. I have nothing to do with hosting servers except I do some quick remote trouble shoots when I can. But ultimately, OpaQue has the full control and his server techs.

Share this post


Link to post
Share on other sites

don't forget script kiddies are poor excuse for the title hackers/crackers because to truely be a good one you have to do something that programming, software, and hardware wouldn't normally do. Its like making a cell phone into your personal laptop or something. Like buffalo mention and I know hundreds of others posts have mention make sure your scripts are secured, patched and updated, not everything secured but with simple things such as proper CHMOD settings, and what I just mentioned above your site will be less likely to encounter problems. I know I have mentioned this a few time back up your website on a daily basis so not to lose any information and if you do get hacked you can bring it back up again, and then try to work on the problem that caused it in the first place.

Share this post


Link to post
Share on other sites

I'd add stress on the following points,* Always Update and use the latest version of any CMS package you use for your site.* Maintain Regular Backups of your site files and data in a safe location.* Never give your login information to others, or make them publicly visible.* If you are using your own script in your site, then make sure you've taken care of security of your site, especially SQL Injection and Cross-Site Scripting.* Never use a public computer to login to your important accounts, because they may have key-loggers installed that monitors all your keystrokes.* Finally be more careful and lookout for any issues with any package that you plan to use in your site.

Share this post


Link to post
Share on other sites

Thanks for the advice guys, i'll make sure i be more careful next time of how i set my site up although im not really good at security knowledge execpt for chmoding files or what not.. I wouldnt put the blame on Xisto or any member on the site for my site being "hacked" or whatever you want to call it, but i surely have an idea on who could have done this :P but i wouldnt point the finger at anyone.. it doesnt really matter i just hate starting hard work all over again but i'll make backups regularly as suggested and try to be more secure and hope these little sh*ts dont try to hack my site again :D

Share this post


Link to post
Share on other sites

I glad we can be here to share common knowledge... this is a great forum, isn't it?If you're having any issues or have questions, don't hesitate to post or ask around. We have Programming sections or just General Talk section to let your questions be answered by our forum members.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.