Check this out, go on my page http://darlord.trap17.com/ . Some stupid kuwait hacker had hack my page. I dont now why !!!

Reply

Are you sure that it was a hacker? Normally these guys put up images or links to something. IF it was you need to change your password because it must not have been secure and make sure it isn't out for anyone to see it. If you continue to have problems you might have to pm an admin to change your cpanel username.

Reply

You mean someone went to all the trouble to hack your site, just to write 'kuwait hacker'? Some people need to get out more...

Reply

A quick search of the Internet reveals that there are various virusus and scripts people are using to do this to sites. Most likely by guessing your password to either cPanel or your FTP account. Your best bet is to change all your passwords to something completely and utterly random, incorporating numbers, letters (upper and lower case) and symbols.

If you were using PHP or MySQL on your site then they may have used a MySQL injection or some vulnerability in the site to run malicious code. If you weren't running scripts then just reupload the site from a backup and then change all the passwords. If you were using scripts of your own, don't use them and try and figure out what could have happened. Once you think you've fixed it then you ca try the scripts again. If you were using scripts designed by someone else, make sure you had the latest updates. If not, let them know about it.

Good luck in getting your site back online and not getting hacked again.

Reply

It wasn't a Hacker.

Hackers are the good guys, crackers, script kiddies and defacers are the bad guys.

This was made by a defacer/cracker, perhaps someone that doesn't like you very much.

You will have to change all your passwords concerning the web server where that website is hosted, do it now.

ps: start using a backup script on your website server, so when someone trys to deface/crack it, the backup script will replace all the web files instantly, making the defacer feel stupid and frustrated.

Reply

What was on the main page before you where "hacked". It was probably somebody that got your password or a SQL injection that did something to the page. The best thing to do like most people told you is to reses your password, and make it better.

Invisionize has a good random password generator with options here: http://tools.invisionize.com/hosted/index....=CustomPassword

Reply

This page was normal CMS page with forum and other stuff. Now i must to start again from the beginning. It is lot of work. First upload Joomla again, then images, set forum... My head is gonna explode !!!

Reply

maybe you woke up while sleeping and when you were sleepwalking you typed in all of your info into trap17 and edited your webpage because you were dreaming about kuwait hackers before that.

it could be possible....have you seen that show on the discovery channel or something about the 100 weirdest sleepwalkings...some people have eaten the weirdest things (sponges, sticks of button on cheese, etc.) and this old guy went into a swamp filled with alligators

you never know, you could be one of them.

Reply

Let's figure something out first. Upon checking last visitor's IPs I only see three: one is from me, and the other two--none of which matched up to your IP.

So, the question is...is your computer safe from spyware or keylogger? If a hacker attempted to break into any Trap17 hosting accounts, I and other server admins have been already notified. But no one has.

Which led me to the first question. Is your password and username secure? Are you infected with any thing that can trasmit your vital information without your knowledge?

It has been few days since your login and you still haven't changed your index file. So, have you used any CMS script that may be found to have security holes? If so, it is your responsibility to keep them updated.

Check the file data and you'll know when the file was modified last. However if it was a simple hacking job, I doubt that the rest of your file structures were left untouched. This leads me to the next suspicion--are you sure someone modified your file?

kuwait hacker does not just leave a text message. He/she always leaves graffiti of insignia. See this link for an example. http://www.flarf.com/saved/guestbook-hacked/ (Rest of text message have been omitted due to language content. But usually signed off with )

 

 

 

Reply

Perhaps brautigam, but is most likely that this was a job made by a Defacer, not even a cracker, anyway, it is even more likely that this was done by someone that doesn't like Darlord, it happened, it is happening, and it will happen in the future, as well as it can happen to us all.

Nothing is secure on the internet, absolutly nothing, it is just a matter of time untill someone cracks it, whatever and whereever it is.

Darlord, you must do things now, don't wait, again, untill someone deface your site, and to tell you the trueth, defacing a website is very easy, you just need to get this info:

website url
website server
website server version

Then you go to a website to download an exploit for that particular website server version, then you run it, and in a few minutes, you are that website's administrator, just like that, out of the blue, and i am not talking about google hacking, if your website was crawled by google, it is very likely that a experienced google hacker can deface your website with a few google hacking querys to the google search engine.

Besides that tip of the backup script, i give you another tip, encrypt the html/php/ and all the other web files with a program like:

html password lock
html protector
encrypt html pro
php obfuscator
SourceGuardian

so like that no one will understand your source code, at least most of people, and crackers/defacers tend to skip encrypted websites, they are very lazy, usually!

Reply