Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: How much trouble is my friend in???

  1. #1

    How much trouble is my friend in???

    I have a friend who runs a website, and backs up his smartphone to a server. While putzing around his site the other day, I found a .rtf file that contained ALL his passwords, credit cards, SIN number, EVERYTHING. It was sitting on a random directory, and fully publically accessable. It looked as though it had been up for a month.

    I wanted to ask you guys, what are the odds that I was the first person to find this file on his server? The server itself isn't indexed by google, but there are some other sites that link to it. Are there bots that go around and scan for this kind of thing?

    Also, if someone else HAS gotten their hands on this info, how much trouble is my friend in?

    Thanks.

  2. #2
    Hmmm, there is are little chances that someone else found the password-containing file. Now on the one hand it depends how many people visit that site and how many people abuse the posible search engine on the site. Just tell your friend to check the permisions on the file. By the way, can you tell me what was the file called?
    The access to the computer or
    anything else that shows us how the
    world works must be total and
    unlimited.

  3. #3
    id advise against telling anyone, especially a public forum, what the filename was, just in case it was indexed by a search engine. do your friend a favour and tell him about it, and keep quiet about it online.
    Geoff

  4. #4
    Senior Member Deeboe's Avatar
    Join Date
    Nov 2005
    Posts
    185
    Originally posted here by Somefilename
    By the way, can you tell me what was the file called?
    Don't share that information, it has no use in this discussion.

    Depending on the information and how easy it was to find, your friend could be in very big trouble. You may want to let your friend know that every password needs to be changed ASAP. Also, you say it is not indexed by Google, but what about other search engines. There are ones out there that specifically look for that kind of stuff.

    Regardless, your friend needs to remove that file, call the credit card companies, and take any other precaution necessary to ensure that the information is not used with malicious intent.

    Good luck!

    -Deeboe
    If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
    - Sun Tzu, The Art of War

    http://tazforum.**********.com/

  5. #5
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    He can easily find out how many people saw it by checking the access logs. Hopefully you will be the only one in the logs. However, if the file contained usernames and passwords for the actual server, people may be altering the access logs if one of those username and passwords gives them that access. Hit your friend with a cluebat.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Unless you friend employs a secured logging system then looking at the logs is a waste of time if the file was created by a person.... Target one after compromise is the logs so they can hide their activity.

    Silly question... How did all that personal information of his find it's way onto a publicly available server... Does he do his personal banking from this box too???

    I would look backwards not forwards. Which machine does he do his personal stuff on _and_ administer the web site from? Look to that to be compromised and the server being a secondary "conquest" and a conduit outbound for the information.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    I think it's probably safe to assume that IF someone got this file, his entire LIFE will be security compromised. His only hope, only hope, is that nobody got this file over the month it was available, or that anyone who has this file doesn't know what it is. How likely is this?

    For example, I know that bots go around scanning for security vulnerabilities on systems, but are there bots that scan for people dumb enough to leave their credit cards and stuff in a public folder? Is there a heuristic that can recognise a credit card number from any other 13-digit number that might be kicking around the internet? Also, is there any liklihood that his site would have been "flagged" by hackers as something to check out?

    If someone found this information, this guy would be completely screwed. I mean 100% screwed...

  8. #8
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    How do you have a server accessable from the Internet that is " so out-of-the way "?

    Just wondering what you mean is all?

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Your last sentence is quite salient....

    You can't trust _anything_ at this point... even if you _think_ you can, you can't..

    Satrting from scratch is probably his best bet...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  10. #10
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    to go back to TS's remark

    it's on a server
    in a 'random' named file
    it might be there because said 'bad lads' have put it there

    his PC may have been compromised, and all data sent to a 'hacker' mailbox, set up on his server.

    need some kit, call here for a CC #

    get him to remove / delete the file from the server
    was it ONLY personal data in the file ?
    any other stuff ? [no details, just Y or N ]
    I'd be concerned if it was just personal data AND it was NOT a copy of another file on the PC ......

    that would damn nigh convince me that 'someone' had set it up specifically as a 'mailbox'
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •