Webwriter - Hacked?

All input, comments, and site suggestions here.<br />All Websites are constantly evolving works in progress, so fire away!

Moderators: Dale Ray, SrNupsen, Bluetooth, Jackanape

Webwriter - Hacked?

Postby KriFos » Mon Nov 29, 2004 6:07 pm

I click the download link, and get up a page with the following text:

http://kriko.neosurge.net/webwriter/

Hacked By Q8Crackers Crew DeadLine | bohajr | Befcake | DosMan

#Darknet at irc.gigachat.net
KriFos
 
Posts: 20
Joined: Sun Sep 07, 2003 1:27 pm

Postby cerberos76_ » Mon Nov 29, 2004 6:29 pm

interesting. I hope that is not related to coranto at all, but just a problem with Kriko servers...
Coranto addons:
* GuestPost, one click guestposting
* MoveIt!, Advanced Backup and site transfer
* PartialRebuild, CPU-friendly enhancement of FullBuild
* URLColumn, URLs for multiple Categories/Profiles
* Tickit!, Javascript News Tickers/Faders for Coranto!
* AddonEnabler, enables or disables single, multiple or all addons in one go
* SubmitMultiple, post consecutive news in an automatic loop!
* RSSAdvanced, RelatedNews ....

Get them at: http://coranto.gweilo.org/addons/
cerberos76_
 
Posts: 1339
Joined: Sun Mar 10, 2002 1:21 am

Postby SrNupsen » Mon Nov 29, 2004 7:09 pm

Looks like it's fixed now. Probably nothing to do with Coranto.

SrNupsen
-----------------------------------------------------------------------------------------------------
Coranto is free software. I am available for custom work or troubleshooting.

http://www.sundaune.no - transkripsjon, webdesign, nettsider, tekstbyrå
http://www.vagbladet.no - satire, politikk, kultur, sport, nettavis
-----------------------------------------------------------------------------------------------------
SrNupsen
 
Posts: 2229
Joined: Tue Jan 09, 2007 6:46 pm
Location: Nesodden, outside Oslo, Norway

Postby kriko » Mon Nov 29, 2004 8:32 pm

My site got in the way of a massive defacement by some muslims from Kuwait. The whole server was rooted, in my opinion, and then some index files were replaced. Fortunately only a few were hurt in my account and I had a recent backup copy of them all.

Some defacements have already been reported:
http://www.zone-h.org/en/search/what=neosurge/
http://www.zone-h.org/en/search/what=neopages/

Here's a page I was fortunate not to get:
http://carboncanvas.neosurge.net/q8.html

For a few months the file uploading system on my site had been on attack - PHP files and various viruses were uploaded with no success. My system was set up secure enough not to be penetrated by some hackers. I also banned the IP's behind the attacks.

During september and october my site also exceeded it's bandwidth limits and reached 24GB. The usual BW usage for it had been around 1-2GB (of 10GB max).

My opinion is that there were people working hard to get access to the server and they finally managed to do it somehow.


In any case, I have replaced the files and the systems should be operational, if you encounter any more problems feel free to let me know.
Kristjan aka. kriko
now a wireless expert
User avatar
kriko
 
Posts: 3328
Joined: Sat Feb 24, 2007 8:13 pm

Postby Brad » Wed Nov 21, 2007 4:59 pm

I just wanted to alert other Coranto users. I had a couple of different client's sites hack. All of the sites hacked had Multipart installed and active.

The hackers upload files for a phishing scam, for banks like Wachovia, and others.

Keep a close eye on your sites if you have any upload scripts.
Brad
 
Posts: 81
Joined: Wed May 02, 2007 1:23 pm

Postby SrNupsen » Wed Nov 21, 2007 8:34 pm

True. And make sure to specify which file endings you allow for any upload field.
-----------------------------------------------------------------------------------------------------
Coranto is free software. I am available for custom work or troubleshooting.

http://www.sundaune.no - transkripsjon, webdesign, nettsider, tekstbyrå
http://www.vagbladet.no - satire, politikk, kultur, sport, nettavis
-----------------------------------------------------------------------------------------------------
SrNupsen
 
Posts: 2229
Joined: Tue Jan 09, 2007 6:46 pm
Location: Nesodden, outside Oslo, Norway

Postby AndyP » Sat Dec 08, 2007 11:46 pm

Thanks for the heads up here. I don't use an upload script myself, been stung by that in the past so I keep clear of them.
AndyP
 
Posts: 165
Joined: Wed Jan 10, 2007 10:10 pm


Return to Coranto.org Site Development

Who is online

Users browsing this forum: No registered users and 1 guest

cron