Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar Mark Forums Read
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
So I had my first site hacked... So I had my first site hacked...
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 07-28-2008, 01:06 AM   #1
Markul
Likes Pie
 
Markul's Avatar
 
Industry Role:
Join Date: Dec 2007
Location: The land that liberated porn
Posts: 12,401
So I had my first site hacked...
Seems some idiot managed to change something in a header file, injecting massive amounts of links to something called www.xangogoodness.org

whois says this shit is owned by a Scott Smith from XanGo LLC, anyone know these fuckers?
Markul is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 01:13 AM   #2
yahoo-xxx-girls.com
Confirmed User
 
yahoo-xxx-girls.com's Avatar
 
Join Date: Jul 2006
Location: Canada
Posts: 3,143
The hacker might not be this guy or lady @ www.xangogoodness.org... it could be almost anyone... does it make sense to you for them to hack your server just to make it easy for someone like you to trace them by whois ???
yahoo-xxx-girls.com is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 01:26 AM   #3
Markul
Likes Pie
 
Markul's Avatar
 
Industry Role:
Join Date: Dec 2007
Location: The land that liberated porn
Posts: 12,401
Why would anyone add just about a thousand links to a service when it has no ref id or anything, just plain old links?

Unless I pissed someone off, but it wasn't even a big site or anything.
Markul is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 01:39 AM   #4
d-null
. . .
 
d-null's Avatar
 
Industry Role:
Join Date: Apr 2007
Location: NY
Posts: 13,724
what type of script were you running on the site?
__________________

__________________
Looking for a custom TUBE SCRIPT that supports massive traffic, load balancing, billing support, and h264 encoding? Hit up Konrad!
Looking for designs for your websites or custom tubesite design? Hit up Zuzana Designs
Check out the #1 WordPress SEO Plugin: CyberSEO Suite
d-null is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 03:13 AM   #5
mrthumbs
salad tossing sig guy
 
mrthumbs's Avatar
 
Join Date: Apr 2002
Location: mrthumbs*gmail.com
Posts: 11,702
Xango is a mlm program.. i think the 'hacker' did add ref codes but got caught and the xango owners redirected his account to the 'charity' division ?
mrthumbs is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 03:18 AM   #6
D Ghost
null
 
D Ghost's Avatar
 
Industry Role:
Join Date: May 2006
Posts: 9,820
interesting
D Ghost is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 03:57 AM   #7
Mr Pheer
Retired
 
Mr Pheer's Avatar
 
Industry Role:
Join Date: Dec 2002
Posts: 21,264
sounds like you were running an old version of wordpress
__________________
2 lifeguards for Jessica
Mr Pheer is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 04:28 AM   #8
malfo
Confirmed User
 
Join Date: Oct 2005
Posts: 130
Quote:
Originally Posted by Mr Pheer View Post
sounds like you were running an old version of wordpress
yes i have the same and run an old version of WP.. how could correct this without updating WP
__________________
pchhhhttt.. my mom doesnt know i work in porn business
malfo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 04:42 AM   #9
CyberHustler
Masterbaiter
 
Industry Role:
Join Date: Feb 2006
Posts: 26,189
Quote:
Originally Posted by malfo View Post
yes i have the same and run an old version of WP.. how could correct this without updating WP
You gotta update...
CyberHustler is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 04:56 AM   #10
malfo
Confirmed User
 
Join Date: Oct 2005
Posts: 130
Quote:
Originally Posted by Nick Decker View Post
You gotta update...
i wont! :-D
__________________
pchhhhttt.. my mom doesnt know i work in porn business
malfo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 05:00 AM   #11
CyberHustler
Masterbaiter
 
Industry Role:
Join Date: Feb 2006
Posts: 26,189
Quote:
Originally Posted by malfo View Post
i wont! :-D
Then enjoy being hacked...
CyberHustler is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 05:06 AM   #12
Violetta
Affiliate
 
Violetta's Avatar
 
Join Date: Jul 2004
Posts: 28,735
Quote:
Originally Posted by malfo View Post
yes i have the same and run an old version of WP.. how could correct this without updating WP
change the password for your ftp! That worked for me!
__________________
M&A Queen
Violetta is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 05:17 AM   #13
Markul
Likes Pie
 
Markul's Avatar
 
Industry Role:
Join Date: Dec 2007
Location: The land that liberated porn
Posts: 12,401
Quote:
Originally Posted by Mr Pheer View Post
sounds like you were running an old version of wordpress
Yea, that one blog was running 2.0.5 - only have a few that's still on that, the rest are updated. Yes yes I know the risks of not updating.


Quote:
Originally Posted by malfo View Post
yes i have the same and run an old version of WP.. how could correct this without updating WP
Simple, upload a fresh header.php file. Wait for next hack and repeat, or update the blog ;) fixing this hack takes less than a minute lol, but I expect to see it again and again until I update the wp software.
Markul is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 05:24 AM   #14
Markul
Likes Pie
 
Markul's Avatar
 
Industry Role:
Join Date: Dec 2007
Location: The land that liberated porn
Posts: 12,401
Quote:
Originally Posted by jetjet View Post
what type of script were you running on the site?
WP. And an old dated one at that, so yea I had it coming I guess

Quote:
Originally Posted by mrthumbs View Post
Xango is a mlm program.. i think the 'hacker' did add ref codes but got caught and the xango owners redirected his account to the 'charity' division ?
Well the links were all w.o. affiliate code in the file, so yea, I presume that the people who run that service are a bunch of scammers (never in my life have I seen an MLM program that didn't involve at least one element of shady business practice anyway, so this doesn't really surprise me that much).

Still doesn't make it right in my book, just because you CAN do something, doesn't mean you HAVE to.

They looked like this:
Code:
<a href="http://www.xangogoodness.org/store/shop.php?blog=via&name=Viagra-pills-uk">Viagra pills uk</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Potassium">Potassium</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Botox">Botox</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy2&name=Diflunisal">Diflunisal</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Monopril">Monopril</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy2&name=Biperiden">Biperiden</a>
and so on... probably a script they have running to target old WP blogs *shrug*
Last edited by Markul; 07-28-2008 at 05:27 AM..
Markul is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 05:26 AM   #15
Markul
Likes Pie
 
Markul's Avatar
 
Industry Role:
Join Date: Dec 2007
Location: The land that liberated porn
Posts: 12,401
Quote:
Originally Posted by Rockatansky View Post
change the password for your ftp! That worked for me!
Hmmm.. I fail to see how this relates to FTP access, if this person had FTP access - he would do something else I think, and not just one one site....?
Markul is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-28-2008, 06:18 AM   #16
tranza
ICQ: 197-556-237
 
Join Date: Jun 2003
Location: BRASIL !!!
Posts: 57,559
That's bad..
__________________
I'm just a newbie.
tranza is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
So I had my first site hacked... So I had my first site hacked...
« Previous Thread | Next Thread »

Bookmarks
Thread Tools



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.