I Got Hacked... How?

gimme4free

Elite Member
Oct 22, 2008
1,932
1,986
Ive had someone get into my server and upload a load of phishing files, they left the ZIP's on my server and I managed to get 2 emails out of the phishing files:
[email protected]
[email protected]

No idea how to report to Google as they are so hard to get into contact with.

Also found:
$message .= "--------------+ Created in 2008 By Gooodshot +------------n";

Quick Google search showed me a site that gives away these scam pages!?! How is that site still up and running? 1 WebPage with loads of phishing pages available to freely download.

Also, how are hackers catching peoples passwords nowadays? Im really careful and hardly signup anywhere yet it happened to me?
 
Easiest way in is an out of date insecure script on your server.
Failing that brute forcing their way on or even a trojan on your PC that leaks the FTP username / password to them.

Can you see anything in the logs at all - sounds like they just uploaded stuff so the logs may show how they got in.

Feel free to give me a shout if you need a hand.
 
Find the hosting provider for the site and report the site. If it's in a country that enforces and kind of laws it might get removed.
 
There are a couple of ways they could have gotten into your server.

1)Gotten you to run a trojan/keylogger and got your passwords through it.
2)Hacked a forum/website you registered on, got your password, and using it got into your email and eventually your hosting account.
3)Found an insecure script running on your website and exploited it.
4)Hacked another website on your server and used it to get into your directory and upload files.
5)Hacked your webhost and got into your hosting account

....the list goes on and on. You can report them to their host and get their sites dropped, but I doubt anything you can do will land them behind bars. Stay secure :)
 
Is this hack on the same server you are running your incentive site built with project RAFS?
 
someone in the ukraine got into my c-panel on two occasions.
i've since switched to another hosting comp.
 
The solution is get knowledge and run your own server, be your own master.
 
you are honestly, to be blunt, never protected online. simple as that.

it's not the always the user, its flaws in the daily programs we use and sites we use, firewalls & anti-virus programs are just a step in protecting you anyways,

simply put, if you haven't been hacked it's because you haven't been targeted and the flaw wasn't there at the same time. your bound to get hit sooner or later as time goes on with a varable degree of how bad of a 'hit'

the best flaws back in the day were in the 90's and early 2000's with AOL screen saver PassWordStealers , and active x flaws , tell me whos browser doesn't run A-X? myspace allowed flash in comments which allowed people to take over even if it was private or not plus phishing and social eng, piss enough people off that know what they are doing and you'll get hit (from ddos'in to rootkits). only way not to get hit is not be connected to the internet. anti-virus programs are pure junk if its not always up2date and those are still crap compared to custom code. i've seen custom code that would disable and uninstall your firewalls and anti virus programs . firewalls and anti virus programs are only good for the newbie hackers

i've been hit with everything, from kids ddos'ing our isp gateway of a city of 100,000 to rootkits. i've started early early 90's and started programming when i was 13 with qbasic to vb to c++ etc and had a scholarship for cisco networking (ccna) ,

regardless of all that.

you are never protected online. its knowledge VS knowledge online.
 
^i was fixing the gramar then blackhatworld went to fixing the database issue so i couldn't fix it in time.

which was A GREAT IDEA thank you harro for that fix! fuck ***** fuck them one of there post i saw on there was

"Why isn't obama changing anything since bush left, why is it the same."etc and bashing on blacks and why america is faggs they have iq of -2
 
Last edited:
no the web is never 100% safe, but don't rule out carelessness... many people use simple
passwords, or they use the same password over and over. some people actually store their
passwords and ftp info online in text files!

also a lot of servers are not secure. i know of one hosting company that has one of the
worst security problems i've ever seen. every account they host can be accessed, and the
company even knows about it but they don't care!
 
no the web is never 100% safe, but don't rule out carelessness... many people use simple
passwords, or they use the same password over and over. some people actually store their
passwords and ftp info online in text files!

also a lot of servers are not secure. i know of one hosting company that has one of the
worst security problems i've ever seen. every account they host can be accessed, and the
company even knows about it but they don't care!

lol yea thats funny, majority of all problems on the computer is the user but i know gimmie4free
 
Deleted the scripts I guess were insecure, still have no idea how they work their way in though lol. Even with a bruteforcer the password I used I dont use for anything else and I doubt it would be in a brute force dictionary or whatever they use to lookup passwords. 100% no trojans on my laptop unless some new undetectable trojan is about but I dont know much about them anyway lol.
 
Some simple step to do when yo got hacked.

1. Report to the host admin.
2. ask the admin syslogd file copy.
3. Find out whats has been done on your site due to syslogd.
4. Fight back if you have enough power (war just beginning!) to do remote exploit :)
5. Always shut the service you don't need down.
6. Try to get the updated and safest script you have installed on your web server.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock