Jump to content


Worse PHP attacks?


  • Please log in to reply
9 replies to this topic

#1 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 04 February 2006 - 12:21 PM

ATTENTION: Geeks, CRacker, Hacker, Gurus... : )

What are you worse php attacks experiences...
I just want to hear it from you guys...

I believed discussing this topic will inform most of us PHP developers,
so that when we encounter these problem we all now have a little know how, to avoid
these malicious cases!
And maybe we can prepare to patch the holes!... in the future!


Waiting for your grudges and experiences...
thanks for your advance cooperation...


-/james
------------
Your good neighborhood





#2 play_

play_
  • Staff Alumni
  • Advanced Member
  • 717 posts

Posted 04 February 2006 - 04:41 PM

[!--quoteo(post=342614:date=Feb 4 2006, 07:21 AM:name=askjames01)--][div class=\'quotetop\']QUOTE(askjames01 @ Feb 4 2006, 07:21 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
ATTENTION: Geeks, CRacker, Hacker, Gurus... : )

What are you worse php attacks experiences...
I just want to hear it from you guys...

I believed discussing this topic will inform most of us PHP developers,
so that when we encounter these problem we all now have a little know how, to avoid
these malicious cases!
And maybe we can prepare to patch the holes!... in the future!
Waiting for your grudges and experiences...
thanks for your advance cooperation...
-/james
------------
Your good neighborhood
[/quote]


Been hacked only once really. I guess it was brute foce. I opened my ftp and saw a random folder with a file in there. went to the link and it said "hacked by (whatever)".

But i'd say the most common is defacing. and the worst would be a buffer overflow.
regex.kat.sh --- regex library
u.kat.sh ---- url shortener
tabbit.org ---- tabbed pastebin

#3 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 04 February 2006 - 07:10 PM

Hey! play?

what do you think it was
an egg drop like this --> [a href=\"http://www.eggheads.org/pipermail/eggheads/1999-November/001978.html\" target=\"_blank\"]http://www.eggheads.org/pipermail/eggheads...ber/001978.html[/a]

or a backdoor?

Is it hacked passing thru using LINUX, APACHE, FTP or the PHP script?
and by the way what was the OS for that case?
And who was your suspects and that time?

waiting for more details from you play?


-/james/


-and also i remember a few months ago that phpfreaks.com was also hacked, i wonder who was their suspect? Did 'Eric' found out who did that to this website?
-and how many times did phpfreaks.com was hacked? What do you think?

#4 play_

play_
  • Staff Alumni
  • Advanced Member
  • 717 posts

Posted 04 February 2006 - 08:38 PM

[!--quoteo(post=342706:date=Feb 4 2006, 02:10 PM:name=askjames01)--][div class=\'quotetop\']QUOTE(askjames01 @ Feb 4 2006, 02:10 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Hey! play?

what do you think it was
an egg drop like this --> [a href=\"http://www.eggheads.org/pipermail/eggheads/1999-November/001978.html\" target=\"_blank\"]http://www.eggheads.org/pipermail/eggheads...ber/001978.html[/a]

or a backdoor?

Is it hacked passing thru using LINUX, APACHE, FTP or the PHP script?
and by the way what was the OS for that case?
And who was your suspects and that time?

waiting for more details from you play?
-/james/
-and also i remember a few months ago that phpfreaks.com was also hacked, i wonder who was their suspect? Did 'Eric' found out who did that to this website?
-and how many times did phpfreaks.com was hacked? What do you think?
[/quote]


I have no idea how it was done. but the server OS was linux. I know it wasnt through any php coding of mine because at the time i didnt program in php. only css and html
regex.kat.sh --- regex library
u.kat.sh ---- url shortener
tabbit.org ---- tabbed pastebin

#5 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 04 February 2006 - 11:59 PM

ah, huh!

intereseting...
did you used FTP at that time? if yes, then is it free? cause i have a feeling that they
maybe use that ftp as a method of hacking your site.

And what hosting company is that?



I think BARAND can give more hacked experiences with us cause i think he is the most
experienced guy here.

Yo! brother what was your HACK ATTACK experiences?
I hope you can share ideas too...?

thanks n advance...


-/james



#6 steelmanronald06

steelmanronald06
  • Staff Alumni
  • Advanced Member
  • 2,004 posts
  • LocationOk

Posted 06 February 2006 - 02:38 AM

wouldn't call it php but it was pretty bad. I manage a website for some friends, and their website is the base and order form of their business. I did daily backups on my server and i wasn't being very secure about it. Someone with a grudge found out about their site and my backups. They hacked my backups at around 1 in the morning, to ensure I wouldn't back up anytime soon, and then deleted their entire site.

I was saved because I had a backup of the site from about 2 weeks back, and not much had really changed.

#7 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 06 February 2006 - 05:52 PM

Yo, steelman_ bro!
long time no see... : )

I think you forgot to set up the gateway properly bro... am i wrong?
I found a lot of websites discussing TCP/IP hacking and cracking and listening...
And with some free tools with the hacking instructions...
but for the good purpose i don't want to show them here...
Just a good discussion maybe will inform us php gurus!

I think it's a hardware/server related hacking....
So what was your suspect?

In your case it was the "Habit of Saving files" saved you from disaster!
that's a good basic lesson...

Have you forgot to put some firewall with that server?
And did you caught the perpetrator?




#8 steelmanronald06

steelmanronald06
  • Staff Alumni
  • Advanced Member
  • 2,004 posts
  • LocationOk

Posted 07 February 2006 - 01:13 PM

Not caught. It was saved on my webhost server, not on a personal server. I have this cheap hosting service, about 2.99 per month, and I just ftped the files to there. I didn't really think that he could ftp onto my account, but he managed.

The only thing that saved me was I had, for some odd reason, kept a copy saved on my personal computer

#9 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 08 February 2006 - 12:01 PM

Are you sure it's not the server administrator(s) of your Hosting company, that was playing with
your files?

And how did you know they used the FTP thing?
Thru my readings a website can be hacked using through TCP/IP hacking, and i think the windows platform is the weakest OS compare to LINUX...

Cause in my opinion The Best Hackers Knows how The Hardware related matter works...





#10 Guest_askjames01_*

Guest_askjames01_*
  • Guests

Posted 09 February 2006 - 12:07 PM

How about you do you have a BAD experiences with your website and that you also
suspected that your website has been hacked by someone out there!
Yeah, YOu alright! You!, the one reading this! : )

I know you have, and would also like to share your grudges!
Isn't it?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users