Hacked and defaced

#1   Hacked and defaced
bettyswolloks
CZ Super Newbie
Status: Offline
Joined: Mar 09, 2004
0.01 posts per day
Posts: 68
Points: 7,034
   
I've been hacked and defaced. Here's my site: [ Register or login to view links on this board. ] Some *&^%$# called Kieger has messed my site up. This is the 2nd time, but the most serious; this *&^%$# is able to make itself an admin and to modify loads of files.

Edited for waste of space!



#2   re: Hacked and defaced
Telli
Site Admin
Occupation: Self Employed
Age: 45
Gender: Male
Fav. Sports Team: Detroit Red Wings
Website:
Status: Offline
Joined: May 26, 2003
1.06 posts per day
Posts: 8089
Points: 494,430
   
Losing faith in CZ? It isn't our responsibility to keep your site safe. We provide you with the tools to do it. Maybe you should secure your site so this doesn't happen. Every day there is a new way to expose your site and there isn't anything that "CZ" can do about it. That's up to you!

Fortress Just released
[ Register or login to view links on this board. ]

Protector Just released
[ Register or login to view links on this board. ]




_________________
The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men. Blessed is he, who in the name of charity and good will, shepherds the weak through the valley of darkness, for he is truly his brother's keeper and the finder of lost children. And I will strike down upon thee with great vengeance and furious anger those who would attempt to poison and destroy my brothers. And you will know my name is the Lord when I lay my vengeance upon thee. Ezekiel 25:17
#3   re: Hacked and defaced
bettyswolloks
I'm a little stunned by your reply. I downloaded and use your version of the nuke portal; I don't expect 24hr support. bathtub you have given me more support than I ever expected, but then I expected the whole CZ-enhanced thing to be safe. I'm not slating CZ, I love it,

but............



#4   re: Hacked and defaced
Telli
All fixes related to security have been kept up to date in the code. Once you take the code and use it on your site you need to ensure that it is kept up to date. I post fixes as I can make them up. I am also going to post a big article on how to keep your site safe. I'm sorry you got hacked but there just isn't anything that me or the CZEnhanced 7.0 was going to do to stop it. These are all new SQL injection cases. Some script kiddies finding new ways of messing with us. Stay tuned, I will have a few ways to help coming up tonight. For now get in there and claim "your" site back.




#5   re: Hacked and defaced
Telli
Here, read through these; they will help you secure your site.
[ Register or login to view links on this board. ]




#6   re: Hacked and defaced
bettyswolloks
Fitted both Fortress and Protector (how do I know it's working correctly?). I'm now going to work through the other steps you outline.

Thanks Telli, and I'm sorry if I offended you in any way; it wasn't my intention.



#7   re: Hacked and defaced
bettyswolloks
Where do I find/where do I put??

$query = eregi_replace('UNI0N','UNI0N', $query);


And in your double login: on the 5th line of the modded version of admin.php

should

include("includes/adminconfig.inc.php");

not read

include("includes/adminlogin.inc.php");



#8   re: Hacked and defaced
bettyswolloks
It's been a loooong day for me here.

I've applied all but the O to 0 fix.

And still this **%!@! gets in.

I've deleted superuser aaaaa twice since I fitted all the bells and whistles.

I know I've been posting to this thread all day, sorry about that, but I'm in the UK so guess I'm awake while you guys sleep.




_________________
Lost in a haze of alcohol soft middle age.
#9   re: Hacked and defaced
aUsTiN
CZ Active Member
Age: 41
Gender: Male
Website:
Status: Offline
Joined: Sep 09, 2003
0.02 posts per day
Posts: 142
Points: 57
If you have Protector installed, you can track the page views. Please find the page they are exploiting. Please do not copy & paste anything, don't show any of the exploit or anything of that nature, just tell me the file they are using the exploit on. Be it login.php, admin/index.php, modules/downloads/index.php etc.



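One way to answer the question in post #9 from the web server side, as an added example that is not part of the original thread and is not Protector's code: it tallies, per script, the requests whose query string carries SQL injection markers, so that only the file name needs to be reported. It assumes Apache combined-format access logs; the sample lines, the `id`, `op` and `q` parameters and the addresses are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote_plus

# Constructed sample lines (assumption: Apache combined log format).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2004:09:12:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
198.51.100.2 - - [10/Mar/2004:09:14:40 +0000] "GET /modules/downloads/index.php?id=12 HTTP/1.1" 200 8811 "-" "Mozilla/4.0"
198.51.100.2 - - [10/Mar/2004:09:15:02 +0000] "GET /login.php?q=student+union HTTP/1.1" 200 700 "-" "Mozilla/4.0"
192.0.2.55 - - [10/Mar/2004:09:20:13 +0000] "GET /modules/downloads/index.php?id=1%20UNION%20SELECT%201,2 HTTP/1.1" 200 9020 "-" "-"
192.0.2.55 - - [10/Mar/2004:09:20:59 +0000] "GET /modules/downloads/index.php?id=1/**/uNiOn/**/select/**/1 HTTP/1.1" 200 9020 "-" "-"
192.0.2.55 - - [10/Mar/2004:09:23:30 +0000] "GET /admin/index.php?op=x%27%20OR%201=1 HTTP/1.1" 200 310 "-" "-"
"""

# client, request target and status from one combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

# Markers checked after normalisation; matching is case-insensitive.
INDICATORS = [
    re.compile(r"\bunion\b.{0,40}\bselect\b", re.I),  # UNION ... SELECT
    re.compile(r"['\"]\s*(?:or|and)\b", re.I),        # quote followed by OR/AND
]

def normalize(raw):
    """URL-decode until stable (max 3 passes) and blank out SQL comments."""
    text = raw
    for _ in range(3):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return re.sub(r"/\*.*?\*/", " ", text)

def suspicious_scripts(log_text):
    """Return [(script_path, hit_count), ...], most-hit script first."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        url = urlsplit(m.group(2))
        query = normalize(url.query)
        if any(p.search(query) for p in INDICATORS):
            hits[url.path] += 1
    return hits.most_common()

if __name__ == "__main__":
    for path, count in suspicious_scripts(SAMPLE_LOG):
        print(f"{count:3d}  {path}")
```

Access logs record the request line only, so parameters sent in a POST body never reach this check; an empty result does not clear a script that accepts form posts.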
#10   re: Hacked and defaced
Telli
And make sure you changed your passwords; it doesn't do any good to block him if he still has your passwords.



