I got HACKED by using the AUTOBLOG PLUGINS here!

C

ClownBaby

Senior Member
Joined
Oct 25, 2009
Messages
830
Reaction score
75
so i wasuploading the plugins here following the step by step thread. suddenly my FTP stops!

Im thinking it is downtime on the server i use (inmotion hosting).

i come to find out, the plugins (YES THE PLUGINS) used for autoblogging got me hacked. they got in, changed the PW to cpanel and started messing around.

I have no keyloggers or anything else on my pc. this was strictly from the plugins I got on this forum in the step by step process. I spoke to the hosting security team and they confirmed it was from the plugins.

The hacker also went and blocked my IP so it would look like my site was down when it really wasnt. Just puttin this out there as a warning to others.
 
Advertise on BHW
If you remember the thread, go and report it.
 
Where is the thread you got that plugins from ?
 
lol dude. Noone can hack your passwords through a script unless you save all your info in a text file and upload to your server lol. I can confirmed this.

***Your post shows that you didn't have any knowledge about scripting, then just shut up and don't spread around here. If you're one of the owners of these plugins shared in BHW and trying to post false alarm here ... you will be kicked in the ass!
 
Last edited:
I've just posted this one of the other threads you're posting this on.. thought I'd add it here too..

---
you're spreading this bull over all autoblog posts.. what's your game?

on one you say you've had you're cpanel hacked and blame the plugins, another you're adding that you had you're IP blocked, now you're re-formatting you're machine...

you've not once pointed at any one plugin, just 'these plugins'..

if there was such a problem, I'm sure that loads of people on here, probably me as well, would've been hit the same way and made a lot of noise.
---

as you say your host blamed the plugins, then surely you can tell us which one?
 
ill let you know whcih plugin tomorrow. im just seeing this thread now and it late. ill definitely followup though.
 
can you also tell us what antivirus and anti malware program you are using on your pc?

thanks.
 
I think you can hack through just a script..provided some of the php functions are open..

!:) Not going any longer

So please provide the proof of the plugins
 
If it really happened than the creator of the script will be the best coder of the century. It is not possible to hack hosting with an uploaded script. The most dangerous virus or malware for hosting is iFrame Virus, which only does blacklisting IPs and Site to browser.
So until you can show us any proof, don't blame BHW members.
 
naaah via autoblog plugin a cpanel server cant be hacked and also not in some few minutes as he i s saying he was uploading and suddenly the ftp stopped ! i m sure that ur pc infected change ur anti virus to nod32 or kaspersky ! and try to scan ur pc nobody can hack cpanel server via script unless u are complete noob and allow shell execute , url include and other dangerous php functions in server !!
 
ClownBaby said:
so i wasuploading the plugins here following the step by step thread. suddenly my FTP stops!

Im thinking it is downtime on the server i use (inmotion hosting).

i come to find out, the plugins (YES THE PLUGINS) used for autoblogging got me hacked. they got in, changed the PW to cpanel and started messing around.

I have no keyloggers or anything else on my pc. this was strictly from the plugins I got on this forum in the step by step process. I spoke to the hosting security team and they confirmed it was from the plugins.

The hacker also went and blocked my IP so it would look like my site was down when it really wasnt. Just puttin this out there as a warning to others.
Click to expand...

lol you do know that some programs that steal data have rootkits and are undetectable by avs right? Just pointing that out there, also i bet you were using a shared hosting as well. So unless you go through the plugin and find w/e it was, then its either a virus or server side exploit.

lol dude. Noone can hack your passwords through a script unless you save all your info in a text file and upload to your server lol. I can confirmed this.

***Your post shows that you didn't have any knowledge about scripting, then just shut up and don't spread around here. If you're one of the owners of these plugins shared in BHW and trying to post false alarm here ... you will be kicked in the ass!
Click to expand...

LOL dude, read up on php before you talk. There are things called shells that is a simple script that can gain access to every file on your site. There are also php bots and js bots. Please don't talk when you have NO F***ING clue.
 
Well i recently got my blog hacked aswell and i suspected it was was the global translator plugin, but it could have been also an exploit on the whole shared server i am still unsure.. however some plugins require 777 and thats a big BS, you cannot tell me the owner or somebody else cannot put some iframe or obfuscated code there that will display on your site and redirect people.

i am sure this is possible through 777 plugins, so dont have anything 777 in your wp installation.
 
Just to let you guys know there are many MALWARE cPANEL HACKS lately. Don't log in to your cPANEL while on a friend/reletives computer, just logging in once can compremise your server.

I had this happen to me 3 weeks ago, now when ever I log into my cPANEL at a friends house I boot from a secure LIVE USB drive

I recommend malwarebytes for checking for malware also
 
Last edited:
guys, if you are using simple plugins like global translator and not the plugins you use for autoblogging, get it from the official source. w0rdpress.0rg to be safe.
 
@ghost: don't bash me for NOT READING my post, ofcourse php shells can gain access to any file in my host BUT OP said:

Code: 
[B][COLOR="Lime"]they got in, changed the PW to cpanel and started messing around.[/COLOR][/B]
This is why I think he got trojan instead of being hacked through php scripts.


So if you can fucking change my Cpanel Password with php shells come on! I challenge you! WTF you think you are ?
 
Last edited:
@c0ntempt: yes php shells like c99 is very powerful but how you can use it to change someone's cpanel passwords? lol this is imposible and this is the reason why I can tell OP got trojan.
 
@c0ntempt: yes I agreed :p I owned over 1k us servers in my past 3 years but I'm not hacking any more. I tell you this: always there are bugs but a very few experienced hackers can do this, you think these guys got so much rare time to mess around with these little blogs? lol NO man!

If the server's root is hacked there are 3 things we should know:
1. Your server has SHIT LIKE security! Get away from it or you will get in trouble soon or later.
2. You have to be proud that you have met 1 of the most experienced hacker :)
3. There are extremely powerful exploits just discovered that we didn't know about it. In this case, these hackers don't target on such ... little "auto" blogs lol. Why the hell they want to fuck these noob blogs?
 
Last edited:
youngguy said:
@ghost: don't bash me for NOT READING my post, ofcourse php shells can gain access to any file in my host BUT OP said:

Code: 
[B][COLOR=Lime]they got in, changed the PW to cpanel and started messing around.[/COLOR][/B]
This is why I think he got trojan instead of being hacked through php scripts.


So if you can fucking change my Cpanel Password with php shells come on! I challenge you! WTF you think you are ?
Click to expand...

lol yes you can. You simple use some reverse engeneering to talk to the hosting companies to let you in.
 
:) so these hackers have too much time in the hard way to hack these autoblogs? lol make no sense. Servers' admins are not really that stupid.

And guys, sorry for my previous posts. I got a hard day and my mood is not so good these day, got some trouble in my day job. Apology all!

thanks.
 
Last edited:
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top