Pages: [1]

Author Topic: Please help me find out the reason how my website was hacked  (Read 450 times)

0 Members and 1 Guest are viewing this topic.

Offline Ab+

  • NULL
  • Posts: 1
  • Cookies: 0
    • View Profile
Please help me find out the reason how my website was hacked
« on: October 22, 2014, 02:30:14 pm »
Hi again, please do not delete my thread. If it is in not correct category, just please transfer to other side. I still need help to fix my bady website security guard. WEB: mixas.eu. And we having attacs, I don't know how, but they stolen our password from PHPMYADMIN, MYSQL. How to stop this? PLEASE HELP :(
Report to moderator   Logged

Offline khofo

  • EZ's Swashbuckler
  • Knight
  • **
  • Posts: 350
  • Cookies: 25
  • My humor is so black, it could go cotton picking.
    • View Profile
Re: Please help me find out the reason how my website was hacked
« Reply #1 on: October 22, 2014, 02:50:45 pm »
I don't thin k you'll find free help and giving you site url to the  public saying it has vulnerabilities is very stupid
Report to moderator   Logged
Quote from: #Evilzone
<Spacecow18> priests are bad ppl
<Insanity> Holy crap
Quote from: Geoff on August 18, 2014, 02:27:28 am
Of course God isnt dead. He's out there partying with the Easter Bunny, Santa Clause, Tooth Fairy, and the Man on the moon...
Some of my work: Introduction to Physical Security

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Please help me find out the reason how my website was hacked
« Reply #2 on: October 22, 2014, 03:38:12 pm »
I removed your previous topic, because, well... you run a shitty Counter-strike website which you probably paid some kid to set up and leave backdoors or some rogue admin got butthurt when you demoted him and now he's going all hacky-hacky. If you don't know how to protect yourself, you shouldn't be doing this shit anyway.
Your passwords were stolen? you probably gave it out to someone directly or indirectly.

The best thing you can really do is look for and clean any shells on the site, change ALL of the passwords to something stronger...

Usually I don't bother with such crap even to give advice, because only idiots and kids try to earn money this way, not knowing how to operate a god damn ssh shell.

This is marked for removal...
« Last Edit: October 22, 2014, 03:38:54 pm by Kulverstukas »
Report to moderator   Logged

Offline 2d8

  • /dev/null
  • *
  • Posts: 17
  • Cookies: 1
    • View Profile
Re: Please help me find out the reason how my website was hacked
« Reply #3 on: October 22, 2014, 03:51:16 pm »
I doubt that it's backdoor or something complex. This CMS has lot of vulnerabilities (SQLi, LFI, XSS etc), so quite anyone could gain access to db and get password hash.
Short-term solution:
- deploy some waf (modsecurity is free and open source), to prevent simple attacks
- update CMS to the latest version
- at least check that public exploits not working


In long-term perspective - find more secure solution.
Report to moderator   Logged
Pages: [1]