by Thehacker /Turkish Hacker Fisk israel no war

Its made to own's issue again. It happened to my sites last month. The index file has been overwritten on all sites on the server thrice. Sun was rooted last month.
 
And say goodbye to m2o hosting. I love his abrasive replies here http://genmay.net/showthread.php?t=670972 where he flat out says there was nothing he could do.

Uh...

wtf? How the hell could there have been nothing he could have done? With propper security the accounts should be isolated, one script / executable should never have access to another clients' webspace.
 
mattcohn.com said:
Happened again. Also on the genmay namerape tracker / most online stats website.
Click to expand...
I'm working on getting back to normal again. I've had the good people over at asmallorange.com help me transfer my stuff over to them. I'll work on getting shit put back together again tomorrow. Finding all the places where I've used passes and usernames will be a lot of fun... *sigh*

Mix saying there's nothing he can do is just fucking retarded. Basically what he's saying is that anyone with a fake credit card can create an account and then do whatever the hell they want with the server. Bull.Fucking.Shit

But then again, I called this a long time ago so I'm not really surprised. Good thing I've been keeping backups...

edit: 2 months since my last post. Dang, I've missed the monthly postage. I'll make it up tomorrow with another flashlight thread :p
 
Last edited by a moderator:
Drool-Boy said:
lol this is the first time Ive been able to see the forum since friday night:fly:
Click to expand...
The index page got replaced, but apparently some people bookmark a link directly to Useless Chatter, so they were unaffected.
 
Just to add insult to injury ... :fly:

UF_Hacked.jpg


CHMOD 777


So what exactly is the cause of the hack? Does someone just run a script against the httpd service and gain access to the root of the site? Or is it something in the vBulletin forum software that's being exploited?

I personally like dreamhost, they're really quick with answering any of my requests, they toss gigs more free space at me every month (I think I have over 300 gigs of space now), and my monthly throughput is something insane like 2.4 TB! The only thing that I severely dislike is their e-mail hosting ... but it doesn't really bother me that much since all of my e-mail is sent to my own personal Msft Exchange server on someone else's T1. :p

Do you need somewhere else to host it? I'll let you have space on my dreamhost account to try it out and figure out if you like it there. (I'm not even using 1/100 of what they give me)

Regards,
Brad
 
inphosys said:
Just to add insult to injury ... :fly:

http://infopioneers.com/useless/UF_Hacked.jpg[IMG]

CHMOD 777


So what exactly is the cause of the hack? Does someone just run a script against the httpd service and gain access to the root of the site? Or is it something in the vBulletin forum software that's being exploited?

I personally like dreamhost, they're really quick with answering any of my requests, they toss gigs more free space at me every month (I think I have over 300 gigs of space now), and my monthly throughput is something insane like 2.4 TB! The only thing that I severely dislike is their e-mail hosting ... but it doesn't really bother me that much since all of my e-mail is sent to my own personal Msft Exchange server on someone else's T1. :P

Do you need somewhere else to host it? I'll let you have space on my dreamhost account to try it out and figure out if you like it there. (I'm not even using 1/100 of what they give me)

Regards,
Brad[/QUOTE]
[quote]There was a major security breach on the server thrice.made2own.com
which you are currently hosted on. The perpetrator was able to gain root
access to the server via another customers website which was located on
the same server. The customer was hosting a vulnerable outdated phpBB
installation which allowed the hackers to upload a file that caused the
breach. The user that allowed the file to be uploaded has been located,
and has been removed from the server. Unfortunately however this is all
a little too late. The hacker managed to replace every single index file
on the server with one of his own, delete his steps, deleted the
backups, and delete the log files on the server.

At this time the server has been audited for further installations of
rootkits and patched by our staff, and the datacenter. However since the
hacker replaced the index files you will need to go back to your site
and replace it with one of your own in order to restore the site back to
its original state. If your index file(s) were a part of a script (i.e.
a blog, gallery, or forum) you should be able to install a fresh copy of
the software into a new directory and copy the index file(s) over to the
appropriate location and that will get everything back up and running.
The only files affected by this were any files with the word index,
home, main, or default in the file name, no other data or passwords were
compromised at any time.

Should you have any trouble or if you seek further assistance please
feel free to contact us.

Thank you for your understanding in this matter and we greatly apologize
for the inconvenience.
[/quote]
Click to expand...
 
You must log in or register to reply here.
Top Bottom
Back