My cPanel site was hacked - any advise on what to do?
- by Moutaz
My cPanel site was hacked. The attacker has changed my cPanel password. How could he do that and how can I gain access to my site back?
Thanks.
Search Results
Search found 374 results on 15 pages for 'hacked'.
Page 3/15 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >
-
-
On my Mac, under the 'Shared' folder it shows another computer in my house, am I hacked?
- by user27449
I didnt' setup any connection to another computer in my house (its a PC), and I just noticed under my 'Shared' folder in the file explorer on my Mac laptop I see the name of the PC. How could this have shown up when I didn't even try to connect to it before? Could I possibly be hacked or is this normal it just scanned our internal wireless network? I havent' setup any kind of network really, just have a wireless modem that other computers share.Read the article
-
How to prevent a hacked-server from spoofing a master server?
- by Cody Smith
I wish to setup a room-based multilayer game model where players may host matches and serve as host (IE the server with authoritative power). I wish to host a master server which tracks player's items, rank, cash, exp, etc. In such a model, how can I prevent someone that is hosting a game (with a modified server) from spoofing the master server with invalid match results, thus gaining exp, money or rankings. Thanks. -CodyRead the article
-
Possibly hacked delicious account suddenly containing links to adult sites etc - is there an alternative for delicious
- by Homunculus Reticulli
I was searching for some academic publications I saved earlier on delicious. To my astonishment, there are a lot of tags and links in my account, that point to adult material from a Brazillian site (Portugeuse or Spanish), and lots of links to European sports site (in German or Dutch). Most of these links are public, and it seems my account has been hacked. I searched the delicious site to see if I could report the issue, and ofcourse there is no contact details. I've had just about enough with delicious (first, they changed their login system after being taken over - resulting in me losing over a year's worth of bookmarks), now this. Is there a replacement online bookmarking service someone can recommend?Read the article
-
Can the Nikon D50 be hacked to record video?
- by andy
I mean hacked in terms of software only, and minor hardware hacking if necessary, without of course breaking the camera. Also, if possible, video should be able to be recorded at an acceptable frame rate, around 20fps. thanks p.s. Reason for this question: Just to give some context before people tell me to buy a new camera! For still photography I now almost exclusively shoot film with a Nikon F3, and my D50 is gathering dust. I want to shoot some video of my Capoeria classes, for personal use, and thought maybe I could put my D50 to good use. Yes, I could buy a D5000 or older D90, but really I just want to shoot some video with my nice wide Nikkor lenses at no extra cost!Read the article
-
My website just got hacked - what do I tell my boss and client?
- by Christopher Altman
http://www.computerworld.com/s/article/9175783/Network_Solutions_sites_hacked_again One of our clients had a WordPress website on Network Solutions shared hosting. It got hacked. The resolution is to migrate the site over to one of our dedicated, private servers. This process will take 24-36 hours to complete. What do I say to my boss and client? Do I blame Network Solutions? Do I blame WordPress (we recommended it)? Do I just tell each person it is being fixed and everything is just fine?Read the article
-
A possible case of hacked email account. What kind of an attack is this?
- by Rickesh John
I own a Yahoo mail account. I am using this account for sending resumes and receive notifications from various job portals. But yesterday, I found that some 10-15 mails had been sent to random addresses from my account. Most of them had this format: hr@<companyname>.com I am pretty sure that I didn't send any mails to such addresses. Initially, I thought the job portals may be sending mails on my behalf and Yahoo is logging them, but then I saw the contents. The contents of all those mails were a URL, which I did not click. SCARED. Also, to top it off, my "Sending Name" has been changed to 'Nice Maria'!! o_0 I have taken the necessary measures and changed my password and the secret question. I cannot delete this account as this email is registered with all the job portals and other companies. Is this a simple case of my account being compromised or was I a victim of some web vulnerability? All the mails seem to be bot generated, with only a URL as the message body. Please advice.Read the article
-
Someone used or hacked my computer to commit a crime? what defense do I have?
- by srguws
Hello, I need IMMEDIATE Help on a computer crime that I was arrested for. It may involve my computer, my ip, and my ex-girlfriend being the true criminal. The police do not tell you much they are very vague. I was charged though! So my questions are: -If someone did use my computer at my house and business and post a rude craigslist ad about a friend of my girlfriend at the time from a fake email address, how can I be the ONLY one as a suspect. Also how can I be charged. I noticed the last few days there are many ways to use other peoples computers, connections, etc. Here are a few things I found: You can steal or illegally use an ip addresss or mac address. Dynamic Ip is less secure and more vulnerable than static. People can sidejack and spoof your Mac, Ip, etc. There is another thing called arp spoofing. I am sure this is more things, but how can I prove that this happened to me or didnt happen to me. -The police contacted Craigslist, the victim, aol, and the two isp companies. They say they traced the IP's to my business and my home. My ex was who I lived with and had a business with has access to the computers and the keys to bothe buildings. My brother also lives and works with me. My business has many teenagers who use the computer and wifi. My brother is a college kid and also has friends over the house and they use the computer freely. So how can they say it was me because of an angry ex girlfriend.Read the article
-
My server appears to have been hacked+ scanssh run by zabbix is it normal?
- by Niro
I'm running a few EC2/Scalr instances with zabbix monitoring. I received complaints about one of my servers port scanning other servers. the logs show it is accessing port 22 on consecutive IP addresses. I looked at the processes list and saw scanssh is running under the user Zabbix. My question is- Is scanssh part of zabbix? Is it suppesd to run? I have active autodiscovery on zabbix but it is looking at another IP addresses and definately not port 20. Is it possible that something in the config of zabbix agent is controlling it and not the settings on zabbix server? What can I do to find out if zabbix is somehow misbehaving or it is a hacker? Any advice is highly appreciated.Read the article
-
Got Hacked. Want to understand how.
- by gaoshan88
Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific directory (one used by a third party ad program), affects a number of files in a number of directories inside this one ad dir (20 or so) and is inserted at roughly the same overnight time. The adsense account belongs to a Chinese website (located in a town not an hour from where I will be in China next month. Maybe I should go bust heads... kidding, sort of), btw... here is the info on the site: http://serversiders.com/fhr.com.cn So, how could they append text to these files? Is it related to the permissions set on the files (ranging from 755 to 644)? To the webserver user (it's on MediaTemple so it should be secure, yes?)? I mean, if you have a file that has permissions set to 777 I still can't just add code to it at will... how might they be doing this? Here is a sample of the actual code for your viewing pleasure (and as you can see... not much to it. The real trick is how they got it in there): <script type="text/javascript"><!-- google_ad_client = "pub-5465156513898836"; /* 728x90_as */ google_ad_slot = "4840387765"; google_ad_width = 728; google_ad_height = 90; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> Since a number of folks have mentioned it, here is what I have checked (and by checked I mean I looked around the time the files were modified for any weirdness and I grepped the files for POST statements and directory traversals: access_log (nothing around the time except normal (i.e. excessive) msn bot traffic) error_log (nothing but the usual file does not exist errors for innocuous looking files) ssl_log (nothing but the usual) messages_log (no FTP access in here except for me)Read the article
-
how to secure a iphone application from getting illegaly copied or hacked to install on another ipho
- by thndrkiss
Hi, I am new to iphone programming. I heard from few people that even if the iphone application is sold for money from itunes, it is possible to hack the application and install on another phone. How much of this is true ? If true is there a way to programmatically control my application from getting illegally copied to jailbreaked or another iphone ?Read the article
-
My Website was hacked using Statcounter! Does Statcounter keep a record of cookies?
- by Cyril Gupta
I had a rather interesting case of hacking on my ASP.Net MVC website. For this website I had implemented a rather uncomplicated authentication system for my admin area -- an encrypted cookie which had an identifying signature for the member. Whenever the admin visits the website the cookie would be decrypted and signature verified. If matching he wouldn't have to sign in. Couple of days ago a visitor on my site told me that he was able to sign into my website simply by clicking no a referral link on his Statcounter console which pointed to my admin area (I had visited his site from a link inside my admin view). He just clicked on a link in statcounter and he was signed in as the admin! The only way this could have happened was if statcounter somehow recorded my cookies and used those when he clicked on the link pointing to my admin! Is that logical or fathomable? I don't understand what's going on. Do you have any suggestions as to how I can protect my website against things like this?Read the article
-
Login code sample which has been hacked via SQL Injection, although mysql_real_escape_string...
- by artmania
Hi friends, I use CodeIgniter, and having trouble with hacking :( is it possible to make SQL Injection to the login code below: function process_login() { $username = mysql_real_escape_string($this->input->post('username')); $password = mysql_real_escape_string(MD5($this->input->post('password'))); //Check user table $query = $this->db->getwhere('users', array('username'=>$username, 'password'=>$password)); if ($query->num_rows() > 0) { // success login data Am I using the mysql_real_escape_string wrong? or what? Appreciate helps!Read the article
-
Can a simple web form like this get hacked?
- by Haskella
Hi I have a web form that sends a string to one php file which redirects them to a corresponding URL. I've searched about web form hacking and I've only received information about PHP and SQL... my site only uses a single PHP file, very basic etc. Would it be open to any exploits? I'm obviously not going to post the URL, but here is some code I was working on for the php file: http://stackoverflow.com/questions/2888077/newbie-php-coding-problem-header-function-maybe-i-need-someone-to-check-my-cod ThanksRead the article
-
Got Hacked. Want to understand how.
- by gaoshan88
Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific directory (one used by a third party ad program), affects a number of files in a number of directories inside this one ad dir (20 or so) and is inserted at roughly the same overnight time. The adsense account belongs to a Chinese website (located in a town not an hour from where I will be in China next month. Maybe I should go bust heads... kidding, sort of), btw. So, how could they append text to these files? Is it related to the permissions set on the files (ranging from 755 to 644)? To the webserver user (it's on MediaTemple so it should be secure, yes?)? I mean, if you have a file that has permissions set to 777 I still can't just add code to it at will... how might they be doing this?Read the article
-
AWS EC2: How to determine whether my EC2/scalr AMI was hacked? What to do to secure it?
- by Niro
I received notification from Amazon that my instance tried to hack another server. there was no additional information besides log dump: Original report: Destination IPs: Destination Ports: Destination URLs: Abuse Time: Sun May 16 10:13:00 UTC 2010 NTP: N Log Extract: External 184.xxx.yyy.zzz, 11.842.000 packets/300s (39.473 packets/s), 5 flows/300s (0 flows/s), 0,320 GByte/300s (8 MBit/s) (184.xxx.yyy.zzz is my instance ip) How can I tell whether someone has penetrated my instance? What are the steps I should take to make sure my instance is clean and safe to use? Is there some intrusion detection techinque or log that I can use? Any information is highly appreciated.Read the article
-
Hacking prevention, forensics, auditing and counter measures.
- by tmow
Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: My server's been hacked EMERGENCY. Finding how a hacked server was hacked File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen. It's not just a matter of securing the server and the code but also of auditing, logging and counter measures. Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)? If yes, can you share your list and your ideas/opinions?Read the article
-
Entries in `/etc/inittab` below last line - possible hack? [closed]
- by Danijel
Possible Duplicate: My server's been hacked EMERGENCY My Linux machine has been hacked lately. There are a few entires in /etc/inittab below the #end of /etc/inittab Something like: #Loading standard ttys 0:2345:once:/usr/sbin/ttyload I also have serveral of the following lines: 2:2345:respawn:/sbin/mingetty tty2 3:2345:respawn:/sbin/mingetty tty3 . . . I know that my /usr/sbin/ttyload has been hacked, and I have removed it, but I don't know if I need this is inittab, nor whether I had ttyload before. Is this file common? Should I remove this line?Read the article
-
How to fix some damages from site hack?
- by Towhid
My site had been hacked. I found vulnerability,fixed it, and removed shell scripts. But hacker had uploaded thousands of web pages on my web server. after I removed those pages I got over 4 thousand "Not Found" Pages on my site(All linked from an external free domain and host which is removed now). Also hundreds of Keywords had been added to my site. after 3 weeks I can still see keywords from removed pages on my Google Webmaster Tools. I had 1st result on google search for certain keywords but now I am on 3rd page for the same keywords. 50% of my traffic was from google which is now reduced to 6%. How can I fix both those "Not Found" pages problem and new useless keywords? and Will it be enough to get me back on first result on google? P.S: 1)Both vulnerability and uploaded files are certainly removed. 2)My site is not infected, checked on google webmaster and a few other security web scan tools. 3) all files had been uploaded on one directory so i got something like site.com/hacked/page1.html and site.com/hacked/webpage2.htmlRead the article
-
Hack a Linksys Router into a Ambient Data Monitor
- by Jason Fitzpatrick
If you have a data source (like a weather report, bus schedule, or other changing data set) you can pull it and display it with an ambient data monitor; this fun build combines a hacked Linksys router and a modified toy bus to display transit arrival times. John Graham-Cumming wanted to keep an eye on the current bus arrival time tables without constantly visiting the web site to check them. His workaround turns a hacked Linksys router, a display, a modified London city bus (you could hack apart a more project-specific enclosure, of course), and a simple bit code that polls the bus schedule’s API, into a cool ambient data monitor that displays the arrival time, in minutes, of the next two buses that will pass by his stop. The whole thing could easily be adapted to another API to display anything from stock prices to weather temps. Hit up the link below for more information on the project. Ambient Bus Arrival Monitor Hacked from Linksys Router [via Make] Make Your Own Windows 8 Start Button with Zero Memory Usage Reader Request: How To Repair Blurry Photos HTG Explains: What Can You Find in an Email Header?Read the article
-
Website isolation in IIS shared environemnt?
- by Ramaz
How do I ensure website isolation in a shared environment on IIS 7 ? basically I host multiple websites and I do not want one getting hacked, ending up in all getting hacked. anyways I can ensure this?Read the article
-
Best Free Windows Imaging Software For Servers
- by Justin
We are running two physical servers both Windows 2003, not virtualized. What is the best free (if any) windows software to take a full image backup of the entire drives? If possible, while the image is taking place, it should not bring the hosts to their knees with excess CPU or I/O usage. The servers have RAID mirroring, but after hearing a few horror stories about hacked systems, we need to have weekly full image backups, so we can simply revert to a pre-hacked image. Thanks.Read the article
-
Google Apps Question
- by Andy
I was recently hacked by a person I know who I happened to make an account using my hacked email. I was wondering how I can close off Google Apps without logging in. (I have FTP and such, and I deleted the nameservs already)Read the article
-
Hacking Smart Phones
Rootkits used to show smart phones can be hacked, hijacked and exploited without their owner's knowledge Operating system - Shopping - Consumer Electronics - Communications - WirelessRead the article
-
Linux Debian Security Breach - what now? [closed]
- by user897075
Possible Duplicate: My server's been hacked EMERGENCY I installed Debian (Squeeze) a while back in my home network to host some personal sites (thank god). During the installation it prompted me to enter a user other than root - so in a rush I used my name as user and pass (alex/alex for what its worth). I know it's horrible practice but during the setup of this server I'm always logged in as root to perform configurations, etc. Few days or a week passes and I forget to change the password. Then I finally get my web site finished and I open the port forwarding on my router and DynDNS to point to my server in my home. I've done this many times in the past never had issues but I use a cryptic root password and I guess disabled regular accounts. Today I reformat my Windows 7 and after spending all day tweaking and updating SP1 I look for cloning apps and find clonezilla and see it supports SSH cloning, so I go through the process only to discover I need a user, so I log into my web-server and see I have the user 'alex' already in and realize I don't know the password. So I change the password to something cryptic and visit the directory 'home' only to realize their are contents such as passfile, bengos, etc. My heart sinks, I've been hacked!!! Sure as hell there are all sort of scripts and password files. I run a 'last' command and it seems they last logged in april 3rd. Question: What can I do to see if they did anything destructive? Should I reformat and reinstall? How restrictive is Debian/Squeeze in terms of user permissions out of the box - all my personal website stuff was created using 'root' so changing files does not seem to have occured. How did they determine there was a user 'alex' on the machine? Can you query any machine and figure this out? What the users are? Looks like they tried to run a IP scan...other nodes on the network are running Windows 7. One of which seems a little wonky as of late - is it possible they buggered up that system? What corrective action can I take to avoid this from happening again? And figure out what might have changed or been hacked? I'm hoping debian out of box is fairly secure and at best he managed to read some of my source code. :p Regards, AlexRead the article
