Results 1 to 8 of 8

Thread: webpage Hacked

  1. #1
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741

    webpage Hacked

    Hello fellow AO'ers.. Been a while since i've been on here but thought I would reach out for help/providing information to others...

    I have a dilemma I hit with one of my webpages. The page is hosted by Godaddy and my site somehow got compromised. The website is just an informational site for my wedding which is coming up this weekend so i went to it before I was going to send some family members to it and BAM... my AV and spyware scanners went blip and my PC rebooted.... after about 2 hours of cleaning up malware I decided to look at the source code of my webpage to see what the heck happened...

    I was able to grab code that was added as a script to the header.... I more than willing to share the info but didnt want to post it out right for everyone to see. It appears to be some sort of new infection that is coming out of Russia where they are comprimising webservers.... I have gone in and changed all my passwords on a new computer and dont feel confident that my PC is fully cleaned so Im gonna rebuild it tonight. and build a VM for future surfing.

    Either way, I am curious if anyone knows if the issue would have been with me/my password (fairly secure not very strong) or if its most likely an issue with the Godaddy pages. I have overwritten all the files on my webserver to make sure that nothing was left of it but Im afraid of it getting back in there and infecting one of my family members that has no clue.

    let me know

    Thanks in advance
    ~Spy
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  2. #2
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Yo spyrus long time. PM me the script and I'll have a look see
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #3
    Can you PM the script to me too. I will share it with few people i know if you're okay with it.

    Anyway congratulation's

    Wish you both the best of life
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Did you use any sort of CMS to build the site? That's usually the way they get in.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    Ill send it to both of ya via PM... the site is unbelievably simple so it is nothing more than a VERY simple html webpage that I wrote in notepad... by VERY simple I mean its like 8 lines of code.. preschool stuff really
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  6. #6
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Interested in logs/info...based on what you are saying sounds to me like the malware that's been spreading around using mass sql injection attacks...does you web page (since it is hosted), have any exterior to your site content (like a godaddy add or anything?) ?
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  7. #7
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    Have you contacted GoDaddy?
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  8. #8
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Quote Originally Posted by westin View Post
    Have you contacted GoDaddy?
    Godaddy should make regular backups of your stuff, so grab the logs, revert, and figure out how it was done to prevent it in the future. If you need help do let me know.

Similar Threads

  1. Firefox marketing site hacked
    By intmon in forum Security News
    Replies: 1
    Last Post: July 15th, 2005, 06:52 PM
  2. We keep getting hacked into......
    By FishTaco in forum Newbie Security Questions
    Replies: 25
    Last Post: March 7th, 2004, 07:14 PM
  3. Window Forensics: Have I been hacked?
    By Grinler in forum The Security Tutorials Forum
    Replies: 13
    Last Post: August 9th, 2003, 02:49 AM
  4. Help! I Think I've Been Hacked!!
    By tonybradley in forum The Security Tutorials Forum
    Replies: 4
    Last Post: June 18th, 2003, 03:54 PM
  5. Madonna hacked?
    By phishphreek in forum Web Security
    Replies: 10
    Last Post: May 3rd, 2003, 06:29 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •