GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   So I had my first site hacked... (https://gfy.com/showthread.php?t=844092)

Markul 07-28-2008 01:06 AM
So I had my first site hacked...
 
Seems some idiot managed to change something in a header file, injecting massive amounts of links to something called www.xangogoodness.org

whois says this shit is owned by a Scott Smith from XanGo LLC, anyone know these fuckers?

yahoo-xxx-girls.com 07-28-2008 01:13 AM
The hacker might not be this guy or lady @ www.xangogoodness.org... it could be almost anyone... does it make sense to you for them to hack your server just to make it easy for someone like you to trace them by whois ???

Markul 07-28-2008 01:26 AM
Why would anyone add just about a thousand links to a service when it has no ref id or anything, just plain old links?

Unless I pissed someone off, but it wasn't even a big site or anything.

d-null 07-28-2008 01:39 AM
what type of script were you running on the site?

mrthumbs 07-28-2008 03:13 AM
Xango is a mlm program.. i think the 'hacker' did add ref codes but got caught and the xango owners redirected his account to the 'charity' division ?

D Ghost 07-28-2008 03:18 AM
interesting

Mr Pheer 07-28-2008 03:57 AM
sounds like you were running an old version of wordpress

malfo 07-28-2008 04:28 AM
Quote:
Originally Posted by Mr Pheer (Post 14519597)
sounds like you were running an old version of wordpress
yes i have the same and run an old version of WP.. how could correct this without updating WP

CyberHustler 07-28-2008 04:42 AM
Quote:
Originally Posted by malfo (Post 14519642)
yes i have the same and run an old version of WP.. how could correct this without updating WP
You gotta update...

malfo 07-28-2008 04:56 AM
Quote:
Originally Posted by Nick Decker (Post 14519662)
You gotta update...
i wont! :-D

CyberHustler 07-28-2008 05:00 AM
Quote:
Originally Posted by malfo (Post 14519744)
i wont! :-D
Then enjoy being hacked...

Violetta 07-28-2008 05:06 AM
Quote:
Originally Posted by malfo (Post 14519642)
yes i have the same and run an old version of WP.. how could correct this without updating WP
change the password for your ftp! That worked for me!

Markul 07-28-2008 05:17 AM
Quote:
Originally Posted by Mr Pheer (Post 14519597)
sounds like you were running an old version of wordpress
Yea, that one blog was running 2.0.5 - only have a few that's still on that, the rest are updated. Yes yes I know the risks of not updating.


Quote:
Originally Posted by malfo (Post 14519642)
yes i have the same and run an old version of WP.. how could correct this without updating WP
Simple, upload a fresh header.php file. Wait for next hack and repeat, or update the blog ;) fixing this hack takes less than a minute lol, but I expect to see it again and again until I update the wp software.

Markul 07-28-2008 05:24 AM
Quote:
Originally Posted by jetjet (Post 14519371)
what type of script were you running on the site?
WP. And an old dated one at that, so yea I had it coming I guess :)

Quote:
Originally Posted by mrthumbs (Post 14519548)
Xango is a mlm program.. i think the 'hacker' did add ref codes but got caught and the xango owners redirected his account to the 'charity' division ?
Well the links were all w.o. affiliate code in the file, so yea, I presume that the people who run that service are a bunch of scammers (never in my life have I seen an MLM program that didn't involve at least one element of shady business practice anyway, so this doesn't really surprise me that much).

Still doesn't make it right in my book, just because you CAN do something, doesn't mean you HAVE to.

They looked like this:
Code:
<a href="http://www.xangogoodness.org/store/shop.php?blog=via&name=Viagra-pills-uk">Viagra pills uk</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Potassium">Potassium</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Botox">Botox</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy2&name=Diflunisal">Diflunisal</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy&name=Monopril">Monopril</a> <a href="http://www.xangogoodness.org/store/shop.php?blog=pharmacy2&name=Biperiden">Biperiden</a>
and so on... probably a script they have running to target old WP blogs *shrug*

Markul 07-28-2008 05:26 AM
Quote:
Originally Posted by Rockatansky (Post 14519778)
change the password for your ftp! That worked for me!
Hmmm.. I fail to see how this relates to FTP access, if this person had FTP access - he would do something else I think, and not just one one site....?

tranza 07-28-2008 06:18 AM
That's bad..


All times are GMT -7. The time now is 06:44 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123