Defaced..


Last night's conversation with Faith:

Faith (27/12/2005 03:45:56): what's up with your blog
Hepan (27/12/2005 03:46:00): huh
Hepan (27/12/2005 03:46:02): why?
Faith (27/12/2005 03:46:10): haha go have a look
Hepan (27/12/2005 03:47:14): OMG

And what I saw is in the screenshot above… well yeah, I’ve been hacked by some Turkish hacker. I believe he started around 3.00 A.M., according to my Apache access log, and he had been playing around with the gallery PHP files. As Zeo mentioned in my shout box, it was the security holes in Plogger (my gallery script) that enabled the hacker to insert their injection through the browser. He didn’t actually rewrite my index file; instead he wrote a new .htaccess file that redirects users to the hack page, which is inside the gallery folder.

If you are running the Plogger gallery script, go ahead and apply the security fixes immediately to avoid any problems.
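
One way to check a web root for the kind of change described above: an unexpected or loosely permissioned .htaccess, or one carrying directives that send visitors elsewhere. This is an added example, not code from the original post; the sample files, the `placeholder.html` name and the directive list are assumptions.

```python
import os
import re
import stat
import tempfile

# Apache directives that change where a request ends up (names are case-insensitive).
REDIRECTING = re.compile(
    r"^\s*(Redirect(?:Match|Permanent|Temp)?|RewriteRule|ErrorDocument|DirectoryIndex)\b",
    re.IGNORECASE,
)

def audit_htaccess(docroot, expected=()):
    """Return sorted (relative_path, finding) tuples; expected = owner-created .htaccess paths."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        if ".htaccess" not in files:
            continue
        path = os.path.join(dirpath, ".htaccess")
        rel = os.path.relpath(path, docroot)
        if rel not in expected:
            findings.append((rel, "unexpected file"))
        # Group/world write lets accounts other than the owner replace the rules.
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((rel, f"writable by group/other (mode {mode:03o})"))
        with open(path, errors="replace") as fh:
            for line in fh:
                if REDIRECTING.match(line):
                    findings.append((rel, "redirecting directive: " + line.strip()))
    return sorted(findings)

def build_sample(root):
    """Constructed sample: a writable root file with a redirect, plus a stray gallery file."""
    os.mkdir(os.path.join(root, "gallery"))
    samples = {
        ".htaccess": ("RedirectMatch ^/$ /gallery/placeholder.html\n", 0o666),
        os.path.join("gallery", ".htaccess"): ("Options -Indexes\n", 0o644),
    }
    for rel, (text, mode) in samples.items():
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write(text)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, finding in audit_htaccess(tmp, expected={".htaccess"}):
            print(f"{rel}: {finding}")
```

WordPress's own permalink rules are `RewriteRule` lines and will be listed too, so compare the output against a known-good copy of the file.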

For the time being, I don’t plan to upload the gallery yet since I don’t have much time to reconfigure the layout to match this theme.

Anyway, my site is now using the new ajaxed WordPress 2.0. Upgrading was a breeze; I even managed to use my old quicktags (I have a lot of custom tags there) and most of the plugins are working perfectly.

Thanks to Zeo for the tips on how to disable the ugly and lame TinyMCE on the write page.

Updated: Hisyam, thanks for showing the world.. “nothing is secure” :))

21 Comments

  1. ahem.. I've never seen a hacked page before… so that's what it looks like… I guess that's how it is when someone wants to sabotage you, huh… ish… I want to install Plogger, but I don't know how.. #-o

  2. Hisyam said:

    haha… what a pity, I was just about to start working on a layout again.. looks like it'll never get finished :)>-

    take it slow.. take it slow.. 😀

    gie said:

    ahem.. I've never seen a hacked page before… so that's what it looks like… I guess that's how it is when someone wants to sabotage you, huh… ish… I want to install Plogger, but I don't know how.. #-o

    I’m just a random victim 😛

  3. faith said,

    December 27, 2005 at 8:03 pm

    it's okay, it doesn't happen often, you know how it is. you're famous, right. he's just jealous that you've just changed your layout. ehehehehe.

    ahahha.. no wayyyyy :))

    anyway thanks for informing me about the hacking attempt yesterday 🙂

  4. usually the ones that get hacked are hacked because of a gallery script. I used to use a script for putting up pictures too; the guy didn't hack it but just wrote a warning. that's why I stick with flickr now :)>-

  5. Hisyam said:

    usually the ones that get hacked are hacked because of a gallery script. I used to use a script for putting up pictures too; the guy didn't hack it but just wrote a warning. that's why I stick with flickr now :)>-

    yeah.. just defaced. I kind of like that Plogger though.. huhu

    faizulzone said:

    whoa… but.. why can I still open the website just fine

    because he didn't take control over the whole site.. he only changed the front page

    farid said:

    lalalala :d/

    what lalala.. when are you going to update?

    :-”

    a.k said:

    uuiihhh… hackerz! 😮

    <):)

  6. Emptyspace, if your .htaccess is chmod 644 you're probably safe.. mine is chmod 666 so that WordPress can easily rewrite the permalinks later.

    Syam, I think emptyspace probably meant the bit where he wrote ‘not war’.. huhu.. totally unrelated..

    p/s – why is my reply function so flaky, one moment it works, the next it doesn't.. ugh.. it's giving me a headache

  7. tsk tsk.. why did I only just notice.. I only noticed after going to brother Hisyam's blog.. 😮

    hm.. so it turns out the .htaccess file can open up a hole.. what does .htaccess do? I always come across it but don't know its function. sometimes I feel like deleting it because it seems to have no function, but I'm afraid some application I don't know about needs that htaccess file..

    erm.. can't this kind of attack be prevented with a firewall, or internet security, or something..? erm.. I've got a lot to learn too since one day I’ll have my own server.. I want one too…

    on this laptop Norton Internet Security keeps saying it blocked an intrusion attack from who knows where.. wireless..

  8. actually the problem file came from the gallery script, and that file enabled the guy to rewrite my htaccess.

    even the most secure server will be hacked easily if it runs a script that has a vuln.

    don't delete the htaccess, it has a lot of functions. Fancy URLs/SEO-optimized URLs use htaccess to rewrite URLs from index.php?p=xx into prettier URLs like /2005/12/27/Defaced.

    blocking hotlinkers is done with htaccess too 😛

Comments are closed.