GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   We got hacked!!! (https://gfy.com/showthread.php?t=38457)

Scraper 09-07-2001 06:42 AM
We got hacked!!!
 
Hey all,
We recently had our site hacked by people on the same server using the Unix "more" command.

It basically allowed them to view the source code for PHP scripts on the virtual server account we are using. And make a connection to our database etc. using the username and passwords we had in the source code.

I'm still not totally sure how to remove this risk (without going to a dedicated server), maybe its just our hosting company isn't the best.

In any case, I thought I'd just mention that here so others can take that into consideration when making sites.

http://bbs.gofuckyourself.com/board/smile.gif

Ciao.

AnthonyR 09-07-2001 06:45 AM
yep, sounds like a hosting problem. They seem responsible to me!


regards,
Anthony


------------------------------------
<a href="http://space4porn.com/wm1.html">Space4porn.com freehosting</a>

Wizzo 09-07-2001 08:27 AM
Yea, I would be shopping for a new host...

my6com 09-07-2001 09:04 AM
>>hosting company isn't the best

call em, they fucked up!

my6


------------------
Scandinavian Webmaster Opportunities

http://www.se.sexdoubler.net/



[This message has been edited by my6com (edited 09-07-2001).]

Freako 09-07-2001 09:35 AM
It's normal they can access your files if you chmod them 777 :P Check your file permissions first, if that's not it... run away from there

Freak! http://bbs.gofuckyourself.com/board/eek.gif

missnglnk 09-07-2001 09:42 AM
Umm, you weren't hacked, the more command is standard on most, if not, all Unix distributions and derivatives. This problem can be easily fixed by changing the permissions of your home directory.

Chances are the web server is run as the user 'nobody' so you can do the following on selected or all files that you want protected:

chown your-username-here /path/to/file
chgrp nobody /path/to/file
chmod 640 /path/to/file

That changes the permissions so that only you and the users in the group nobody are the only ones allowed to read the file.

99.99999% of the time, the only user in the group nobody is nobody, and very few processes run as nobody, usually the only one being apache.

If it's an executable file, then you
would change the mode of the file to 750
instead of 640 using the method described
above.

------------------

Scraper 09-07-2001 09:55 AM
missnglnk - Thanks. Thats helpful, I've decided to (immediately) hook up with another host. But its great to have that info available so I don't make the same mistake again http://bbs.gofuckyourself.com/board/smile.gif

Lane 09-07-2001 09:56 AM
your hosting company shouldnt allow people to enter eachothers folders.

Juge 09-08-2001 09:27 AM
I know a great host if you're looking for one, scraper.

TFCash 09-10-2001 01:23 AM

Well I hate to break the news to you guys, but unless your host is running php in strict mode(which many don't !!!) then anyone that has an account on your server could in theory get a full listing of what is in your folders, and also do a complete listing or download of what is in your files, including any usernames and passwords that might be in your php files! I won't post the 7 or 8 lines of code that would do this, but rest assured it is that simple http://bbs.gofuckyourself.com/board/frown.gif And changing the permissions to nobody will have no effect at all, since apache run's as nobody any php script that is ran on your system has nobody privileges so they can see those files!

If you are making a living at this ( i.e. webmastering is your sole means of income) then you are really silly if you don't have your own det server to run your sites from. Now if you do this as a hobby or for extra cash, then a shared server will probably be fine for what you do, just don't freak out too much if you find that you've been hacked, or someone has ripped off your user database. I would suggest a daily backup of some sort, either have a secondary hosting account where you backup all your files for all your domains, or have a broadband connection at your house and keep a copy there burned onto CD.


Tim

Osholio 09-10-2001 04:08 AM
Another option, which I mentioned yesterday in an answer to a question about PHP, is the Zend Encoder. What it does is runs the first two passes of the php optimiser, then encrypt's the output to make it a real challenge for anyone to figure out what's in the file.

You can get it from http://www.zend.com/ as part of the Zend Developer's Suite for $50 a month, which is a good price if you're making a living from your site.

Damn, I'm advertising them so much they need to set up an affiliate's programme http://bbs.gofuckyourself.com/board/smile.gif

------------------
ClickCash - Better than 1:99 and $50 for signing up

Due 09-10-2001 03:37 PM
Quote:
Originally posted by Lane:
your hosting company shouldnt allow people to enter eachothers folders.
No we all know what happend last time you where able to do that http://bbs.gofuckyourself.com/board/frown.gif

missnglnk 09-11-2001 06:03 AM
Real quick fix:
* chmod 700 /path/to/your/homedirectory

This is basically what your ISP would have
done if you had asked them to rectify it...

Now, if they change it back...you have some
issues.


All times are GMT -7. The time now is 01:09 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123