My Mainstream Site Got Hacked with PORN! Who Did It?? [SCREENSHOTS]
I have some mainstream sites running Wordpress. The DNS was on Cloudflare. I looked at one site today and all I see is this Button:
https://i.imgur.com/iKW3KSK.jpg So I click it and it takes me to what looks like a Russian porn site and then immediately loads this pop-up: https://i.imgur.com/t535wO5.jpg So I go to close the pop-up and it immediately opens a new tab with this full-screen ad: https://i.imgur.com/dJv2NH7.jpg When I finally close all the bullshit the site looks like this: https://i.imgur.com/b0p8uHv.jpg https://i.imgur.com/RoJb76J.jpg --------------------------------- I fixed this in 2 minutes by switching the site back to my webhost's nameservers. So have any of you heard of Cloudflare DNS hacks? |
If you're not using 2FA on cloudflare they are most likely in your e-mail too.
|
Oooo spooky
|
Web cache poisoning? I don't know much about it. But it does seem popular.
https://portswigger.net/blog/practic...ache-poisoning |
Have you looked at server logs to see what commands were used? And from what possible IP? Was it a Wordpress hack using an older version? Did they hit any other sites on the box?
|
Any updates on this? Was it web cache poisoning? Been reading up more on it, Pretty interesting stuff. James Kettle did a presentation on it. He is a genius.
|
fuckers, hope you get it sorted :(
|
So I logged into CloudFlare, where my account didn't have any websites on Cloudflare! It looks like someone was able to get into my account and remove my site & redirect my domain.
I updated my password with a much stronger one and will also start using 2FA. Site is back up on Cloudflare. I found this interesting article on DNS cache poisoning. :thumbsup |
All times are GMT -7. The time now is 07:06 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc