Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Someone hacked my site!

Author
Message
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 14th Feb 2006 02:42
Link
The topic says it... [href]www.bntstuff.com[/href]

Ben 'N Torstens Stuff
Free 3D games.
Back to top
Profile PM Email Website
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 02:46
Link
-_- looks like a dun it yourself job. Whats with the crappy music? I wouldve chosen "Mars, Bringer Of War".

formerly KrazyJimmy
Back to top
Profile PM
ionstream
20
Years of Service
User Offline
Joined: 4th Jul 2004
Location: Overweb
Posted: 14th Feb 2006 02:47
Link
Well, you gotta hand it to that guy, he just wanted it more.

Back to top
Profile PM Website
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 02:59
Link
tru that.

either way, you got



formerly KrazyJimmy
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 14th Feb 2006 03:03
Link
I can't help but wonder, why?


"Computers are useless, they can only give you answers."
Back to top
Profile PM Email
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 14th Feb 2006 03:07 Edited at: 14th Feb 2006 03:08
Link
Quote: "Well, you gotta hand it to that guy, he just wanted it more."

Wanted what more? You think he's gonna steel my site? My host is working on getting my site back with the same password and everything.

Also, how does someone hack your site? Just curious...

Ben 'N Torstens Stuff
Free 3D games.
Back to top
Profile PM Email Website
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 03:49
Link
Recognise these? they were embedded within the source.

x_p@hotmail.co.uk

im0@hotmail.co.uk

r.root@yahoo.com

formerly KrazyJimmy
Back to top
Profile PM
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 03:52
Link
By exploiting host's options. Probably some crap password, or shell access exploit, ftp issues, ect.

I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 03:56
Link
Probably by using a rainbow chart. Can crack alphanumeric passwords up to 9 letters within 11 seconds... but it takes about 5 days straight and a very hard to find program to generate and use one.

formerly KrazyJimmy
Back to top
Profile PM
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 03:59
Link
You can call me a geek, but I use md5 passwords (as in I get my normal passwords, and md5 them, then encrypt them in my own php script)

I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 04:01
Link
i prefer md5 as well, tho mysql standard encryption works just fine.

the least we can do is hack his tripod site >_<

http://members.lycos.co.uk/al3ash8m/loveer.mid

formerly KrazyJimmy
Back to top
Profile PM
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 04:05
Link
dont tell me you use mysql standard. Very bad practice, considering it can be cracked much easier than md5 (which cant be cracked, just checked and compared).... md5 is owntastic..

I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 04:14 Edited at: 14th Feb 2006 04:14
Link
I dont have to deal with anyone who even knows what my SQL stands for. XD Yea send me a message encrypted in md5.

formerly KrazyJimmy
Back to top
Profile PM
Bloodeath 6 6 6
19
Years of Service
User Offline
Joined: 5th Nov 2005
Location: Sierra vista in indonesia
Posted: 14th Feb 2006 04:18
Link
that hacked page was awesome

Nunticaelitusphobia---im scuurrred of the internet
Back to top
Profile PM Email Website
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 14th Feb 2006 04:18
Link
But if the person hacks the site, I can still cancel it with the host, and set up a different site?

Ben 'N Torstens Stuff
Free 3D games.
Back to top
Profile PM Email Website
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 04:18
Link
e4e3c4735842f54a720c1026261103d8

I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 04:26
Link


formerly KrazyJimmy
Back to top
Profile PM
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 04:32
Link
eb024c6a2d74da27fa2aaabab452293b

I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 05:11
Link
Because we werent having a conversation with md5 encoded passwords that were cracked within miliseconds right?

specs:

60 gig HD

1.3 GHz intel celeron processor

512 ram

formerly KrazyJimmy
Back to top
Profile PM
Undercover Steve
19
Years of Service
User Offline
Joined: 6th Jun 2005
Location: Vancouver, Little Canada(Washington)
Posted: 14th Feb 2006 05:14
Link


I have been re assigned. New name, new mission. Star Fleet - 5%
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 14th Feb 2006 07:14
Link
I have just one question: What's an MD5?


"Computers are useless, they can only give you answers."
Back to top
Profile PM Email
adr
21
Years of Service
User Offline
Joined: 21st May 2003
Location: Job Centre
Posted: 14th Feb 2006 07:50
Link
MD5 is the name of a hashing algorithm. It's most often used to hash a string like "myl33torpassword!", which becomes "4bc8c76eb067703858bc7c90de9eb6ad". It's one way, so you can't derive the original string from the hash; all these "cracks" are just brute-forces or a rainbow table (as I understand it) is essentially just a table of precalculated hashes.

The cool thing about MD5 (or all hashing algorithms) is that the hash varies wildly depending on it's input - so as a hacker you can't say "ooh I'm getting close"...

"myl33torpassword!" => "4bc8c76eb067703858bc7c90de9eb6ad"
"Myl33torpassword!" => "1c566b8dff7c7c8558c723d3288a8dcc"

So, for that reason it's also used widely to checksum files. You can tell if a file's corrupted, or more seriously, if it's been altered from the original.

[center]
iv tryed everything!!!!!!!!!! could u please just add The gun and shooting Code thats All!!!!!!!!!
Back to top
Profile PM Website
Becky
18
Years of Service
User Offline
Joined: 26th Jan 2006
Location:
Posted: 14th Feb 2006 09:29
Link
The hacked messages claims that they achieved root access, if that was indeed the case then the security breach was on your host. Root is a Unix concept and is the name of the master user, if the root was really hacked I imagine the entire host was attacked.

Hackers seem to run competitions to get the most references on a Google search, by hacking a host they could claim hundreds of sites in a single hit. A score of over 1 million results on Google is considered a reasonable score, but your hackers "Lover Team" used words which are commonplace on any web search, thus invalidating any result. In other words, they're newbs.

The conclusion one draws from this is that your host has been sucessfully attacked by a bunch of third rate idiots who are probably quite new to the hacking scene and are using downloadable tools.

I would suggest investigating a new host.
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 14th Feb 2006 12:32
Link
Thanks a lot for that explanation adr, it described it perfectly (and in much more detail than I expected!). Cheers.


"Computers are useless, they can only give you answers."
Back to top
Profile PM Email
Oddmind
20
Years of Service
User Offline
Joined: 20th Jun 2004
Location: Atlanta, Georgia
Posted: 14th Feb 2006 15:57
Link
hey Exeat!

2D6BEDCB9DACC1302B3A51BEE1EDD102!!!

There!!

ha ok... i forgot what that said....

formerly KrazyJimmy
Back to top
Profile PM
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 14th Feb 2006 16:04
Link
Quote: "I would suggest investigating a new host."

That may be a good idea, after what I read on your post. They sound kind of unstable, and seem to not have the best security...

Ben 'N Torstens Stuff
Free 3D games.
Back to top
Profile PM Email Website
##GERI##
User Banned
Posted: 14th Feb 2006 18:12
Link
Most passwords and user names stealed via keyloggers.
Use virus killer. The best (free) is http://avast.com (free registration needed) AND use some antyspyware program too.
Back to top
Profile
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 3rd Mar 2006 01:39
Link
Well, my host can't recognis me...

Now I can't cancle my old accound because they say my id is wrong... They can't just charge me until the card expires...

I got a new site, its in my sig, don't want to spam it.

Ben 'N Torstens Games
Free 3D games.
Back to top
Profile PM Email Website
General Sephiro
20
Years of Service
User Offline
Joined: 27th Sep 2004
Location:
Posted: 3rd Mar 2006 01:52 Edited at: 3rd Mar 2006 01:55
Link
well done ##GERI##, at least some1 here gets what probably happened 2 BNT Games website ^-^

The passwords can also be stolen via FTP password grabbers in-coded within the trojan servers then redirected back to the client trojan.

Btw yes the passwords can be cracked using Brute Force as some1 suggested above.. but that would be a script kiddie mistake if they wern't behind a few un-traceable proxy's... as their IP would be stored and could easily be traced back...

E.g. hey, y's this guy tried to log into his site over 1000 times, un-successfully within 2 minutes O_o


http://www.hybridwolves.co.uk
Back to top
Profile PM
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 3rd Mar 2006 01:56
Link
Ok. I'll have to refer back to this once and a while to keep myself informed on what todo while I set up my site completely.

Ben 'N Torstens Games
Free 3D games.
Back to top
Profile PM Email Website
Represent
20
Years of Service
User Offline
Joined: 24th Dec 2003
Location:
Posted: 3rd Mar 2006 04:31
Link
Dont feel bad. There are many hacked sites to come. The web wars began and im not joking. Look at the site i posted on the thread for the other hacked site.

Its a big web war planned for a while. Team Lovers, Anarchy, ect.


Back to top
Profile PM
SirFire
19
Years of Service
User Offline
Joined: 4th Apr 2005
Location: North America
Posted: 3rd Mar 2006 05:03
Link
I guess now would be a good time to do a backup, just in case

Back to top
Profile PM Website
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 3rd Mar 2006 17:25
Link
I have a backup of my whole site already after that happened.

And when they hacked my site, would they have access to my credit card, and other info, etc?

Ben 'N Torstens Games
Free 3D games.
Help me build my forum
Back to top
Profile PM Email Website
OSX Using Happy Dude
21
Years of Service
User Offline
Joined: 21st Aug 2003
Location: At home
Posted: 3rd Mar 2006 17:30
Link
They could get it if :

A) You put your credit card details on the site
B) They knew it was there

Blog:http://spaces.msn.com/members/BouncyBrick/
Web Site:http://www.nicholaskingsley.co.uk
Trust me, I know what I'm doing.
Back to top
Profile PM Email Website
Torsten Sorensen
19
Years of Service
User Offline
Joined: 23rd Oct 2005
Location: Seattle, WA
Posted: 3rd Mar 2006 17:33 Edited at: 3rd Mar 2006 17:34
Link
Ok, thanks. It wasn't on the site.

Quote: "Recognise these? they were embedded within the source.

x_p@hotmail.co.uk

im0@hotmail.co.uk

r.root@yahoo.com"

Those appeared on the site if you looked long enough.

Ben 'N Torstens Games
Free 3D games.
Help me build my forum
Back to top
Profile PM Email Website
Back to top

Login to post a reply

Server time is: 2024-11-16 16:41:32
Your offset time is: 2024-11-16 16:41:32