homepage Welcome to WebmasterWorld Guest from 54.227.25.58
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
SMF "Hacked by ghost61"
Forums hacked For Türkiye, apparently.
scraptoft




msg:3657302
 12:01 pm on May 23, 2008 (gmt 0)

Just tried checking my forums and each link of the forums is directed to a page that says "Hacked by ghost61 for Türkiye".

I did a quick search and it seams ghost61 has taken down a few forums including phpbb etc.

Now I don't know if this is a personal attack or just a robot searching the net, probably the latter.

In the last 5 years spent running and developing websites this has never happend to me before.

Could anyone with experience with ghost61 or tracking these "hackers" give me any advice on finding out how they managed to do it.

 

thecoalman




msg:3657936
 2:23 am on May 24, 2008 (gmt 0)

Are you up to date on your software? If its a prevalent attacker then your software/mods are most likely not up to date and contain vulnerabilities. They look for easy targets and they are too hard to find.

They'll find you through a google search either searching for text in the page, the URL etc. If for example phpbb3.0 had a vulnerability and its a bot crawling a quick look at the meta tags would tell it if the forum was updated or not as they were changed in the last update.

I had a mod on a phpbb2 forum that had one vulnerable file, I was on the authors personal mailing list for updates. Shortly after receiving notification and updating the file it suddenly became a very popular file. My logs showed a huge surge in hits for that file and the search string for the specific URL to confirm the file was present.

rogerd




msg:3659138
 1:34 pm on May 26, 2008 (gmt 0)

Forums, CMS scripts, etc., often have these vulnerabilities exposed, and, as the coalman poinnts out, keeping up to date will all patches and version upgrades is the key to avoiding them.

I did have one situation where the attack came via a vulnerability in the host's server. After two defacements, I changed hosts.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved