My Site got hacked :-((

bernieboy31 -> My Site got hacked :-(( (3/2/2008 19:35:20)

I run a small community site B*ll*cks-to-pca.org [where, due to the naughty word checker on this forum, * = o] for sufferers of Prostate Cancer, which got hacked Sat night by "KimLiksiZ DEVLET" ("MUSLIM_HaCkER").

The hack involved addition of a bunch of index.* and default.* files in every site directory and sub-directory.

Any idea how this can happen and b*stards like this can get access? There is only one FTP and FP account for site updates which is mine and my PC is secure.

The site is primarily .asp using FP as the basis and is on a shared Windows server. I have queried the hosting service about it. So far all they have come back with is "Do I have a Content Management System?" The answer to which is no.

Advice please kind gurus as I don't want to spend anymore Sundays deleting crap files on the site via FTP. (The databases were all OK - thank heavens)

TIA
Bernie





treetopsranch -> RE: My Site got hacked :-(( (3/2/2008 21:49:51)

Change your password(s) now.




BobbyDouglas -> RE: My Site got hacked :-(( (3/2/2008 22:08:52)

You should contact your host, they should help you with getting this fixed.

quote:

Any idea how this can happen and b*stards like this can get access?

- Most likely it is the fact you're running an ASP script that isn't secure. Something that needs to be updated that never was. Those are usually the most common causes for defaced sites.




bernieboy31 -> RE: My Site got hacked :-(( (Solved) (3/3/2008 6:02:54)

Below from my hosting service. Is this "BS"?

Quote
We are aware that at approximately 10PM on Saturday 1st March approximately 100 users had their site's index files overwritten without their consent.

This was made possible due to an undisclosed vulnerability in Microsoft Windows Server 2003 which allowed the hacker to gain write permissions over directories outside of his web root. This allowed him to write, briefly, to other users' websites.

We have since prevented this exploit from being run again and are urgently seeking a patch for the issue from Microsoft.

At no point was the server compromised and, thanks to the nature of our clustered system, the only system affected at all was the .122 web server. No other servers including email or DNS were affected.

Unquote
The rest of the response was grovelling apologies [8D]




caz -> RE: My Site got hacked :-(( (Solved) (3/3/2008 6:27:55)

I vaguely remember that Windows Server was included in the last Patch Tuesday batch of MS updates, perhaps they were a bit slow/ham-fisted in applying them? Have they changed your password? If not you should do it through your cp and look at using Spooky Login for password protecting your site, if you don't already.

But they have acknowledged that it was not your fault, nor that of the other 99 sites and it has happened to many of us in the past so don't beat yourself up too much about it. [;)]




bernieboy31 -> RE: My Site got hacked :-(( (Solved) (3/3/2008 6:54:11)

Cheers Caz [:D]

First thing I did yesterday before clearing out the crap files was a p/word change on everything - C/panel, FTP and FP.

I already have a "derivation" of spooky on the site for the Members Area.

Thanks for the comfort !!





BobbyDouglas -> RE: My Site got hacked :-(( (Solved) (3/3/2008 10:52:41)

There is always a chance for a security issue/hole. The best hosts are the ones that find it quickly and patch it up ASAP.

You can ask them for more information regarding what the security issue was, or how they "patched" it. They could just be giving you BS, or they could really be on top of their game. It does sound a bit fishy that there was an exploit in the server, but only one of the servers was affected. Seems to me if there is an exploit for Windows Server 2003, all servers would be affected.

Their explanation is perfectly fine for an average user. However, I personally would expect more of a technical explanation, with details on what exactly was fixed.
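Added example, not part of any post in this thread and not the host's tooling: a Python triage script for the cleanup described in the first post, which compares a downloaded copy of the site against a known-good backup and lists only the index.* and default.* files that were added or overwritten, so a legitimate home page is not deleted by mistake. The directory layout, file contents and the 21:00 to midnight window around the host's "approximately 10PM" are constructed assumptions.

```python
import fnmatch, hashlib, os, tempfile
from datetime import datetime
from pathlib import Path

PATTERNS = ("index.*", "default.*")  # file names reported in the first post

def digest(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_manifest(root):
    """Map relative path -> SHA-256 for every file in a known-good copy."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): digest(p)
            for p in root.rglob("*") if p.is_file()}

def triage(root, manifest, start, end):
    """List index.*/default.* files that are new or changed versus the manifest."""
    root, findings = Path(root), []
    for p in root.rglob("*"):
        if not p.is_file() or not any(fnmatch.fnmatch(p.name.lower(), pat) for pat in PATTERNS):
            continue
        rel = p.relative_to(root).as_posix()
        if rel not in manifest:
            verdict = "added"
        elif manifest[rel] != digest(p):
            verdict = "overwritten"
        else:
            continue  # legitimate, untouched page: leave it alone
        mtime = datetime.fromtimestamp(p.stat().st_mtime)
        findings.append((rel, verdict, start <= mtime <= end))
    return sorted(findings)

def demo():
    """Constructed sample: a clean backup and a defaced copy of a two-directory site."""
    base = Path(tempfile.mkdtemp())
    good, live = base / "good", base / "live"
    for site in (good, live):
        (site / "members").mkdir(parents=True)
        (site / "index.asp").write_text("<% ' real home page %>")
        (site / "members" / "login.asp").write_text("<% ' login %>")
    hit = datetime(2008, 3, 1, 22, 5).timestamp()  # assumed time inside the window
    for rel in ("index.asp", "default.htm", "members/index.html"):
        (live / rel).write_text("defaced")
        os.utime(live / rel, (hit, hit))
    window = (datetime(2008, 3, 1, 21, 0), datetime(2008, 3, 2, 0, 0))
    return triage(live, build_manifest(good), *window)

if __name__ == "__main__":
    for rel, verdict, in_window in demo():
        print(f"{verdict:12} in_window={in_window}  {rel}")
```

Files reported as "overwritten" need restoring from the backup rather than deleting, and a finding whose timestamp falls outside the window is worth a closer look before cleanup.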



