EPTBWUSA.org = Hacked . - Page 2
| Blogs > Xeris |
|
Xeris
Iran17695 Posts
| ||
|
MoNKeYSpanKeR
United States2869 Posts
Also sorry to hear it Xeris. I wonder who did it? | ||
|
MoNKeYSpanKeR
United States2869 Posts
| ||
|
Xeris
Iran17695 Posts
it was fixed, just all the forum data was lost... | ||
|
Centric
United States1989 Posts
| ||
|
FragKrag
United States11549 Posts
| ||
|
Xeris
Iran17695 Posts
| ||
|
Skew
United States1019 Posts
I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around. | ||
|
Xeris
Iran17695 Posts
| ||
|
Xeln4g4
Italy1209 Posts
| ||
|
yenta
Poland1142 Posts
| ||
|
yenta
Poland1142 Posts
On June 05 2008 14:23 Skew wrote: Sorry Xer. I don't *think* you can track an XSS/SQL injection wipe on the DB as the content that caused it would also be wiped... someone correct me if I'm wrong, but good luck anyways. Daily DB backups next time around. Logs? Check your db logs - if they are set up right they should have a record of the statement that caused the wipe. Also. you should be logging any input that is not standard, or since its a small site, just log all input and clean your logs once they are older than a week. | ||
|
Jank
United States308 Posts
| ||
|
QuanticHawk
United States32044 Posts
| ||
MasterOfChaos
Germany2896 Posts
Did you already find out how he killed your db? | ||
|
Flaccid
8835 Posts
Description of hack To quote this guy's post: This is a Windows vulnerability. What the hacker did was attempt to run around the code and gain access to the asp.net Windows Media Player library via our /images/ folder. They found an image they liked, They ran a some kind of script, and gained access to run a sql instertion script that the application itself did not allow. Sneaky fucker. Apparently, this a vulnerability that Microsoft put out a patch to, and our hosting provider didn’t run it against our VPS yet. So to protect your server against this hack, have your hosting provider run the latest updates for the vulnerability. So it's really not a matter of basic SQL-injection. That stuff is protected against in the code in several different ways. It's a server-side vulnerability that is exploited and something most people have no control over. The only sites at risk are those running on a Windows server. Just do a google search and you'll see the hundreds of thousands of sites that have been hit in this way. Point being we have to go a roundabout way to prevent this from happening again, and again, and again... and again..... That's the internet for you. | ||
|
Jonoman92
United States9103 Posts
| ||
|
Goosey
United States695 Posts
edit: oh and they run Windows Server? Unless you are reliant on that software stack I would recommend switching hosts for sure. Daily backup is pretty much standard. | ||
|
nofAcedAgent
United States952 Posts
On June 05 2008 12:56 Xeris wrote: who the hell cares where it is -________-; blog is the same shit as a forum post anyways, it's the exact same format, it's just in a different subsection of the site Chill yo~ I think he just meant it would get noticed by more people in the brood war section, hes not the one that hacked you, control your rage (;p) (not that I know the benefit of having more viewers) Anyway, hope the bastard gets caught man, sorry to hear it  | ||
|
Xeris
Iran17695 Posts
Woo I hope whoever hacked my site shows up to a LAN. | ||
| ||
