GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   My domain got hacked! (https://gfy.com/showthread.php?t=605738)

LavenderLounge 05-04-2006 01:27 PM
My domain got hacked!
 
A friend called this morning to tell me my domain, Lavender Lounge dot com got hacked. When I checked, sure enough, there was an image of a gnarling dog and this text:

.:[ LegijaOne Ownz you! ]:.
.:[ by FDCR3W ]:.
.:[ H3LLdOgz on the NET! ]:.

I opened my ftp program and found that my "index.html" file had been renamed "xxxindex.html" and there was a new file named "index.php" with that image imbedded.

All I needed to do was delete those weird files and re-load the right file, and it seems to be alright for now.

I called my host, Webair, and they are checking for security leaks.

I am curious to find out the how's and why's. Has this happended to any of you before?

minusonebit 05-04-2006 01:36 PM
Defacement. Hackers do it for kicks.

At least your hacker was nice enough to leave your files intact and not do rm -rf on your root directory.

Change all of your passwords. Make sure you are using something secure for a password (Firefox's secure password generator plugin with an 18 char password is a good start) and then jump all over your host. Also, if you run a forum, be sure you have updated to the most recent version. Forums (esp. phpBB) are great entry points for hackers.

pornguy 05-04-2006 01:53 PM
Webair??? Dman I would expect more from thier stuff.

madawgz 05-04-2006 01:55 PM
doesnt look like the domain got hacked, but the hosting got hacked

they have clans doing that for fun ... see who can do the most defacements...

juve20 05-04-2006 01:55 PM
shit happens!

cheers
tony

SmokeyTheBear 05-04-2006 02:06 PM
maybe your blog software .. what do you use for your blog ? version ?

HairToStay 05-04-2006 02:09 PM
What programs do you run on the site? What scripts?

There is supposedly a new exploit in Apache but so far I haven't been able to track down specifically what it is, what versions it affects, or how it is executed.

thricer 05-04-2006 02:16 PM
you got to hire some security guy to watch out for you server...

LavenderLounge 05-04-2006 02:30 PM
The blog is done with Moveable Type 3.01. Otherwise, the rest of the site is all done in very simple html. I wouldn't know php from pcp, except they both give me a headache.

I had a little javascript on the page from SexMoney that redirected foreign language users. Could that be the problem?

Vox 05-04-2006 03:10 PM
Quote:
Originally Posted by LavenderLounge
The blog is done with Moveable Type 3.01. Otherwise, the rest of the site is all done in very simple html. I wouldn't know php from pcp, except they both give me a headache.

I had a little javascript on the page from SexMoney that redirected foreign language users. Could that be the problem?

There's the culprit: MT 3.01
You need to upgrade to 3.2 ASAP, I've had the same thing happen to me back in November using an older version of MT

SmokeyTheBear 05-04-2006 03:17 PM
Quote:
Originally Posted by Vox
There's the culprit: MT 3.01
You need to upgrade to 3.2 ASAP, I've had the same thing happen to me back in November using an older version of MT
:thumbsup


All times are GMT -7. The time now is 10:10 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123