|
i talked to the hacker.... can someone help
hi guys
i took the e-mail of the hacker from the index he put in mu site and i chated with him via MSN anyhow i asked him why did you do it he said for fun so i said i need you to help me here he said the way i hacked your site is like this your host host monster is a week host also he said that he knew my DB by using class_core.php he said it gave him everything about the DB he also told me to do the following he said use Zend safeguard to protect your config file he also told me to change the config file to an image i know the zend way but how can i change the config to an image also he mentioned something about giving the forum folder CHMD 1111 you guys for sure know better than i do do you think he is telling the truth i told him that i have a domy config file and i am using an alternative one with a diff name he told me he know about it i am waiting for your replies |
How did he hack it? When you were speaking of hosts it seemed like DDos.
Link to your site? |
I also use hostmonster, and my site in the past 3 days has been hacked. I determined the hacker was able to access the database without submitting a query via the Forum files. He is still lurking and making fun of my inability to secure the site nomatter what i do.
|
actually, the hacker will never help you.. the technique he indicates here is just to help him integrate your site even more...
when you see the murderer of your parents, do you ask him if he can revive your parents ?! change your host for a more secure one... yeah, you will have to pay for a host... sorry. |
If your on free hosting you would wonder why! :eek:
|
If you really want to protect yourself , move your config.php file to one of root folders such as /etc/vb so only root can modify it.
|
that would still ot prevent anyone with server access (!!!) to read the config file. The only solution in this case is to have your host increase security or switch hosts.
|
Ok, mods delete then link if it against the rules but I've got two vBulletin licenses on hawkhost.com and haven't been hacked yet.
|
Well, if it's the same asshat that has been hacking my site, it's through SQL injection. I also use HostMonster.
a 1111 setting is... well... no. Just don't do it. At any rate, any known method to prevent this clown from hitting again? All 3 times, it's been through SQL injection, bypassing all security, as if it didn't even exist. It's not a member, and the access logs seem to indicate the guy is from Israel. Halp? |
As already mentioned, if the security of your host is below normal, then there is not much you can do.
|
| All times are GMT. The time now is 08:15 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|