Page 1 of 2
Bah - hacky kids
Posted: Mon Jul 24, 2006 6:05 am
by Grim...
One of my domains got hacked over the weekend - it looks like a script was used to replace anything with 'index.' in the filename with his
lovely alternate version (work safe, but plays music).
Do you think I should report it? If so - who the hell do I report it to?
Posted: Mon Jul 24, 2006 6:13 am
by Benjamin
Freakin putz
Sorry to hear all that.. wonder how he got in. I don't think anyone would do anything about it if you reported it though honestly, but you never know, the FBI might go after them since it's terrorism related..
Posted: Mon Jul 24, 2006 6:45 am
by GM
Not just hacked...
Hacked "in the name of Allaah".
I wonder where in the Koran it is written that websites should be hacked...?
Posted: Mon Jul 24, 2006 6:54 am
by patrikG
Sorry to hear you got hacked. I like the music, though

Re: Bah - hacky kids
Posted: Mon Jul 24, 2006 7:01 am
by Chris Corbyn
Grim... wrote:Do you think I should report it? If so - who the hell do I report it to?
Report it to your web host.
Is this a shared host? Make sure all the other thousands of users on the same server don't have access to your stuff. If it's a VDS or dedicated server first change your passwords immediately, make sure you have no stupid accounts with names like "test, password=test". Then upgrade what you can. Check your logs for access times and IP addresses and see if you can trace where this come from. Maybe even see if they left what they did in .bash_history.
Re: Bah - hacky kids
Posted: Mon Jul 24, 2006 7:20 am
by Grim...
d11wtq wrote:Report it to your web host.
Is this a shared host? Make sure all the other thousands of users on the same server don't have access to your stuff.
Yeah, I did that straight away. It looks like they went in via my FTP account, nothing else on the server was touched.
Re: Bah - hacky kids
Posted: Mon Jul 24, 2006 7:21 am
by Chris Corbyn
Grim... wrote:d11wtq wrote:Report it to your web host.
Is this a shared host? Make sure all the other thousands of users on the same server don't have access to your stuff.
Yeah, I did that straight away. It looks like they went in via my FTP account, nothing else on the server was touched.
So you'll have changed your password then

Posted: Mon Jul 24, 2006 7:24 am
by shiznatix
it's people like that who if you where ever to meet in real life would end up with a broken nose and minus some teeth. sorry to that.
Posted: Mon Jul 24, 2006 8:12 am
by Grim...
And then I'd be in trouble for breaking his nose.
Pfft.
Posted: Mon Jul 24, 2006 8:44 am
by jayshields
I remember back in the day when I used to run PHP-Nuke websites, they used to get hacked into every other week.
I can't understand why people would spend time and effort doing something to annoy someone else when they have nothing against them - obviously the reason is "just because they can", but they could also have spent that time clearing the streets from rubbish rather than hacking websites.
Posted: Mon Jul 24, 2006 4:40 pm
by RobertGonzalez
You're not, by any chance, on iPowerweb servers are you?
Posted: Tue Jul 25, 2006 3:57 am
by Grim...
Nope.
Posted: Tue Jul 25, 2006 5:56 am
by SpiderMonkey
jayshields wrote:I can't understand why people would spend time and effort doing something to annoy someone else when they have nothing against them - obviously the reason is "just because they can", but they could also have spent that time clearing the streets from rubbish rather than hacking websites.
The answer to that question should be self evident - which is more fun, picking up half eaten kebabs or engaging in a battle of technical aptitude with a website designer?
Anyhow, what was the original content of this site, that it attracted such a hacker?
Posted: Tue Jul 25, 2006 6:32 am
by Benjamin
Grim,
Have you determined how he was able to obtain your login credentials? Was anyone else on the server effected? If not, and your on Windows, I would reformat and reinstall.
Posted: Tue Jul 25, 2006 6:55 am
by Grim...
Brute-force on my FTP password, according to the logs.