One of our sites has been hacked! - Page 2

thehulk · June 29th, 2008, 4:50 AM

I dont know anything about hacking or network security but I want to share my experience of getting hack.

There is a program like keypass or roboform or key scrambler (for IE ) which remember passwords for us so we dont have to type any password or username everytime we log in. The program claim that they can outsmart keylogger. Keypass and roboform also had file key which is good, in my opinion.

inthestars · June 29th, 2008, 5:16 AM

Quote:

Originally Posted by Kayla

inthestars, what kinds of applications are they using on their sites? Any situation will have a specific reason and are all unique to the type of website.

Well all I know is that both of their sites have graphics for visitors. Like those MySpace graphics.

Secret Kingdom - High Quality Graphics, Summer Glitters, MySpace Glitter Graphics, MySpace Layouts, Summer Glitters, High Quality Graphics, Glitters Words, Glitter Fills, Contests, Glitter Words, Glitter Fills, Pretty Dolls, Downloads, Tutorials, Req my hostee's site
ALLUREDESIGNS -- MySpace Layouts, Skinny Layouts, Default Layouts, Double Background Layouts, Skinny Double Background Layouts, Cute Skinny Layouts, Skinny Default Layouts, Abstract Layouts, Girly Layouts, Polkadots Layouts, Heart Layouts, Skull Layo friend's site who got hacked

According to the Surpass staff, the hacker for my hostee's site, logged in via ftp. =/ Somehow the got hold of her password.

As for AllureDesigns, she says she is still waiting for a reply from you guys.

Both sites are hand coded.

gmax21 · June 29th, 2008, 5:29 AM

They are hand coded?

I've just seen many free and paid scripts that do the same thing and have admin back ends.

There are also forms on the second one, often these types of scripts ain't that secure, even the commercial ones.

However if your being told they got in via ftp, then I suppose they acquired the details some other way. I know some scripts like these do have inbuilt FTP browser/uploaders.

krazykat · June 29th, 2008, 9:26 AM

Quote:

Originally Posted by gmax21

Do all these sites reside on the same server?

All it may require is someone with an ill programmed script and people can gain access to the server.

krazykat,

What else does this customer of yours have on the website, only HTML? or are there any forms, server side scripting?

If they do have forms and they are not correctly sanitised in what ever language it's written, then it's entirely possible for script kiddies to get in easily.

There is more than one way to skin a cat. (Not that I skin cats!) .

The question in my mind though, is why would they make subtle changes, most crackers (not hackers depending on your definition), script kidders would stick up a little page telling the world it was them or their alias. Seems strange they would make such minor changes.

And banning an IP won't do to much with so many easily accessible proxy servers available for free, and the type of people that do this to sites will know this and use them.

Sorry I can't offer much in the way of help here.

Hi gmax21,

To answer your questions, my customer has only html code...no forms, no scripts, no myspace-type graphics, and no back-door admins.

You make a valid point. Why would a hacker just make subtle changes? As it turns out, the suspected hacker is someone known to my customer...someone who has no personal access to my customer's computers, home or office. So this hacking is of a personal vendetta-type nature...and we can supply proof to support this.

The Abuse Dept has informed me that they are investigating this issue. I would like to give SurpassHosting the opportunity to address the issue of this security breach, before I divulge any more details about the circumstances.

I would like to thank everyone for their great suggestions/ideas. It's been quite an educational experience...nevertheless disturbing.

gmax21 · June 29th, 2008, 9:42 AM

Ouch thats even scarier when it's someone you know.

I understand though client confidentiality.

I hope it all gets sorted out for you.

krazykat · June 29th, 2008, 9:53 AM

Me too, gmax21...the sooner, the better!

Oh, and I forgot to say that you're right...I should have used the term "cracker," not "hacker."

**Twist3d** · June 30th, 2008, 7:54 AM

Quote:

Originally Posted by krazykat

I should have used the term "cracker," not "hacker."

I agree

June 29th, 2008, 4:50 AM	#10 (permalink)
thehulk Registered User Fresh Surpasser Joined in Jun 2008 Lives in riviera - italy (I wish) 29 posts Gave thanks: 3 Thanked 1 Time in 1 Post	I dont know anything about hacking or network security but I want to share my experience of getting hack. There is a program like keypass or roboform or key scrambler (for IE ) which remember passwords for us so we dont have to type any password or username everytime we log in. The program claim that they can outsmart keylogger. Keypass and roboform also had file key which is good, in my opinion. __________________ In losing your temper, you prove not your strenght but the weakness of your control

June 29th, 2008, 9:53 AM	#15 (permalink)
krazykat Registered User Fresh Surpasser Joined in Jul 2005 Hosted on Pass38 11 posts Gave thanks: 5 Thanked 0 times	Me too, gmax21...the sooner, the better! Oh, and I forgot to say that you're right...I should have used the term "cracker," not "hacker." __________________ ~krazykat~ Pass38

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

June 29th, 2008, 5:29 AM	#12 (permalink)
gmax21 Registered User Seasoned Poster Joined in Jun 2008 Lives in UK 68 posts Gave thanks: 5 Thanked 8 times	They are hand coded? I've just seen many free and paid scripts that do the same thing and have admin back ends. There are also forms on the second one, often these types of scripts ain't that secure, even the commercial ones. However if your being told they got in via ftp, then I suppose they acquired the details some other way. I know some scripts like these do have inbuilt FTP browser/uploaders.

June 29th, 2008, 9:42 AM	#14 (permalink)
gmax21 Registered User Seasoned Poster Joined in Jun 2008 Lives in UK 68 posts Gave thanks: 5 Thanked 8 times	Ouch thats even scarier when it's someone you know. I understand though client confidentiality. I hope it all gets sorted out for you.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)