2.2 exploit
robertrees.org
Newbie

Joined: 19/04/2005 11:19:45
Messages: 3
Location: Baghdad, Iraq
Offline

I have browsed the forum for a fix to a problem that I am having. Before I deployed to Iraq I set up my website to allow my family & friends (and a now growing list of followers) to see how day to day life is in Iraq through my BLOG.

I have managed to attract a "hacker" who only seems to be able to get into my guestbook. I have applied the 2.2 exploit patch "session.class.php" that I found at Carbonize.

My question is this... if this guy has been able to access my admin pages... should I be worried about this? Do I have to start changing my usernames and passwords? Thanks in advance for the help.

Robert

Coming soon to a known terrorist nation near you!


Robert's site: http://www.robertrees.org/
JTD
Graduate

Joined: 08/05/2004 21:52:50
Messages: 529
Location: Arkansas
Offline

NO. Since you have patched your guestbook to prevent the SQL exploit you should be ok. Just don't enable HTML. That opens up a whole other can of worms.

LINK-> Use Lazarus Guestbook
Carbonize
Master

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

If they were bothered and had the brains they could have read any file on your server, but odds are they didn't bother. All they could have got from the change password page is your username, but these children are more concerned with short term defacement/attention than long term hacking.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
robertrees.org
Newbie

Joined: 19/04/2005 11:19:45
Messages: 3
Location: Baghdad, Iraq
Offline

Yeah,
This "hacker" as he calls himself, claims to be from Turkey, and just changed the page. I appreciate the replies. Thanks for the help.

Robert

Coming soon to a known terrorist nation near you!


Robert's site: http://www.robertrees.org/
Carbonize
Master

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

A lot are Turkish. I know because my guestbook logs failed logins and a lot of them come from people using the main Turkish ISP, which encourages hackers by making it damn impossible to report them. They have no email addresses published anywhere and they don't have the conventional abuse@, sales@, info@ or support@ email addresses.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
Anonymous



Yeah, we had a Turkish hacker "deface" our guestbook too. It wasn't aimed at you personally, but it was a general random thing...

You can easily delete that entry from the admin panel, and hopefully if you install all the patches found on this forum they will stop this stuff from happening in the future.

I installed one patch several months ago (forgot which one, sorry) and for a while spambots disappeared but then returned again. Now I just came back here to see there are more patches available and I installed them all now.

Fingers crossed.
 