Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sat Mar 18, 2006 10:24 pm Reply with quote

heres the thing, i have learned a lot about php, i can install sentinel and do a lot more to the nuke itself. now i got no webmaster to help me and im still new at all this...i try to help where i can.
my site was recently hacked
and i got no clue how...ive done days of research. they dropped the whole thing...database and the public_html
they also changed the user e-mail on my cpanel acount
this is where im lost...how in gods name can this happen??
my server is not vulnerable to many scripts at all
only the scripts that if u want php on it, u cant block em.
is there a way i can lock it down so to speak to make it so my site cannot get hacked like it was....im thinkin hacked isnt the right word...perhaps exploited would be....honestly got no clue as to how this happened...plz help..ty
 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Sun Mar 19, 2006 5:08 am Reply with quote

well if your talking about cpanel then some one had the login.
cpanel also keeps logs like last visit of admin etc..

but your story sounds a bit hysterical,so maybe a well explained story would be nice starting at where and what exactly happend.
 
View user's profile Send private message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Sun Mar 19, 2006 5:09 am Reply with quote

Did´t you find anything in the logfiles ? I often search for the hackers name and check what they did with other sites to find out more.
 
View user's profile Send private message
gregexp
PostPosted: Sun Mar 19, 2006 11:41 am Reply with quote

ok heres the thing...i got no clue where to start...i search the loggs and got the ip but thats it...i also got the time it happened. problem is i got no clue how or what he did to get the cpanel username and pass...ne ideas on where to begin. and i gave no1 the username and pass to my cpanel. my server owner can get it...and my partner in hosting....but i know niether would have gotten it and given it out....im askin more because i have no clue as to how it happened and if u like to see the site or talk to me more directly..plz look at my profile...it has all my contact info on it...1 more thing....im not trojaned or keylogged...first thing i thought as a possibility. Very Happy
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Mar 19, 2006 4:29 pm Reply with quote

If they've gotten root access to your server, they can change anything they want. More likely is that you have the same passwords for FTP/Database/.. other accounts.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
gregexp
PostPosted: Mon Mar 20, 2006 2:53 pm Reply with quote

forgive me guys and thanx for all the posts...i found out how they got in and i increased security on my site...im currently in the process of rebuilding it...i learned of quite a few file edits to secure it more proficiently. most from this site and i believe i have a grasp on how this happened...first mistake...i made the admin pass and cpanel pass 1 in the same...wont do that again Laughing Laughing
2nd mistake...sentinel was not configured correctly. mind u i said configured..it was installed correctly. but now that i have read in detail on settin sentinel up and the ways ppl can run scripts to get passwords and such...most of which apparently sentinel can stop. i have made some things on my site not so easy..but the thing is i dont really have a grasp of how these ppl run exploits and such it seems ppl can input what appear to be sql commands in for usernames and such....i went with a your account module that allows me to keep certain usernames not allows with a form of wildcard feature....i believe this will help a lot....others r that they can upload into ur site...ussually avatars...others allow uploads for downloads and such...i dont allow ne uploads from my site except avatars...was hoping to find a way to allow those and have good security still...ne ideas on that???..other then that i believe i have done as much as i can.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©