 Author:
|
Topic: Hackers alert ! | ||||
 OnLast Visit: 05/20/06  Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
Hi
A group of hackers from *.id Are trying to hack into web-app sites please add this address to your ban list 202-127-108-242.triplegate.net.id Add this one too: 202.127.97.3 Moderators/adminsitrators plase read a message with hacking details at the moderators list. On And *.id if you are reading this post, a message for you: Your actions are fully logged and an email to abuse@ is its on his way with a copy to your mamma  wana be a hacker? learn to hack first
(Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org...  [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org...      [/center] |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
Copy of complaint to abuse@ (deleted logs for security reasons)
Sent from an official gov email address, if we get no reply I intend to send a complaint to the domain provider. All expenses (my working hours!) will be billed  Dear Sirs, According to our records as submitted below, there are hackers using your domain trying to access pwd files at our site in which is located on a Norwegian government's website. I have also been informed that these hackers have been defacing at least 3 websites recently all which are using a web portal script from www.web-app.net .... Such a conduct is a severe violation of international internet rules, ethics and standards and would not be accepted by your domain provider. It would be greatly appreciated if you could treat this matter as soon as possible. Your prompt reply would be appreciated. Log: Event took place about 2 hours ago 1. Septmeber 2004. 202-127-108-242.triplegate.net.id ----------------------------- 202-127-108-242.triplegate.net.id ----------------------------- 202-127-108-242.triplegate.net.id ----------------------------- Kind regards (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| Jane Last Visit: 09/04/13  Level 3 Dev Joined: 06/29/06 Forum Posts: 101 |
On, I am having a "brain" dead moment, should I be putting the addreses you gave us in the IP Access section of Site Admin, its just the fact its called IP access rather than Ban list which is throwing me
Jane. www.rjt.org.uk |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
Jane hi, Yeah it confused me too. Wrote a sub for domain ban, the ip access will not stop them, they are using a dynamic ip, and allready logged of (while i was trying to scan thier ports on that ip )But can not release the sub before tonite when I get back from work. This sub will let you ban domains like *.id and *.net.id Hopfully anton will read this before I get back and write a solution (he has a similiar hack if I remember right..). Would suggest to install the patch that Carter released recently too, but please note that this patch only stops them on the topics excuter.. while they are trying these tricks also on other excuters! On :) (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| Jane Last Visit: 09/04/13 Level 3 Dev Joined: 06/29/06 Forum Posts: 101 |
Thanks On,
I will keep an eye on the thread. See what comes. I don't understand too much about the mechanisms for Hacking and do appreciate all the help you all provide to help keep all our sites safe. Jane. www.rjt.org.uk |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
(Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| DenDen33 Last Visit: 02/05/05  Level 7 Joined: 05/26/02 Forum Posts: 2244 |
I always get strange countries visiting my site, but they can't seem to do anything. When they hang out a tad too long, then i just block the entire IP branch. (My audience isn't international, so i dont care. :) )
What do you mean it's NOT butter? |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
If someone without an os is trying to browse your etc/ folder... I would care The problem with the present sub ban that it doesnt ban doamis, but one should make a simpel change there adding a $ to the ende of the matching string so it will start matching from the end, there by it would match both a domain ban and a dynamic ban :) (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| DenDen33 Last Visit: 02/05/05 Level 7 Joined: 05/26/02 Forum Posts: 2244 |
I don't use webapp's banning device, i use htaccess. I'm an exception.
What do you mean it's NOT butter? |
||||
| Logged |
| ||||
| Jane Last Visit: 09/04/13 Level 3 Dev Joined: 06/29/06 Forum Posts: 101 |
Thanks On, I will give it a try.
Can't use .htaccess as my hosting does not allow it. Jane. www.rjt.org.uk |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
Please wait! The messageboard is killing the code!!  Will uplaod it on my site. (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
DenDen did you see the post I made in the moderators forum? Posted the entire procedure they used, nothing personal.. but according to that procedure none of us is protected. Further more thsi hack here will only prevent them from using a script, they can still run these commands manually. (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| On Last Visit: 05/20/06 Level 7 Dev Joined: 06/19/03 Forum Posts: 6737 |
Are you into the showbiz? wooow! What? where? On (Damian Conway from the book Perl Best Practices). [*]LANGUAGE FILES (and language support) -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP SECURITY PATCHES -> http://www.mlapp.org... [*]FOR THE LATEST WEB-APP MODS (addons) -> http://www.web-app.net... /perl/webapp/modapp/[*]FOR THE LATEST VERSION OF STATSLOG script (security addon) -> http://www.mlapp.org... [*]TO CONTACT ME CLICK HERE-> info@mlapp.org OR VISIT-> http://www.mlapp.org... [/center] |
||||
| Logged |
| ||||
| DenDen33 Last Visit: 02/05/05 Level 7 Joined: 05/26/02 Forum Posts: 2244 |
I know it's not personal. LOL Anyway, this is what you do in htaccess to prevent casural browsing code: then, nobody can browse anything :) Also, my host has a feature on it that permits me to block casual browsing at all levels. What do you mean it's NOT butter? |
||||
| Logged |
| ||||
| Jane Last Visit: 09/04/13 Level 3 Dev Joined: 06/29/06 Forum Posts: 101 |
Hi,
I don't know if its working, but I added the code to my subs.pl in user-lib and the site still works. Any way for someone like me to check if its working? Jane. www.rjt.org.uk |
||||
| Logged |
| ||||
| Chip Last Visit: 10/31/08  Moderator Joined: 01/28/03 Forum Posts: 162 |
Hi On, can this code be added to the subs.pl in my user-lib dir, or does it need to be replaced in the original in the cgi-lib?
My generic signature... |
||||
| Logged |
|
  Hackers alert ! Security Forums | ||
| Pages: [1] 2 3 4 5 | ||
EricColteau
juliocba
pronxt
FaroScreen
JohnR
psk_suresh
youri
totalshop
davefish77
SkalVad
3 days and 12 hours ago. Support, Install fails by On. 20 days and 16 hours ago. Support, no graphics and can't log into admin by Jack Deth. 22 days and 20 hours ago. Support, Making web app a paid membership site by Jack Deth. 22 days and 21 hours ago. Support, Skip install - Manual install? by Jack Deth. 17 days and 19 hours ago. WebAPP Net Site, Site Specific Bugs by Jack Deth. 2 days and 12 hours ago. Beta Testing, Are we here yet? ;-) by Jack Deth. 8 days and 19 hours ago. Support, Hiawatha Server under Puppy Linux by Jack Deth. 8 days and 23 hours ago. Version 2.0 announcements, Virtual Cooperation (VBPumar0101) by spammer. 14 days and 1 hour ago. V.1.0 Screenshots, Can't install, Internal Server Error by virtuemart1.
21 days and 4 hours ago. WebAPP Market Place, SpareRoom (vbpumar0101) by abaid0101. 15 days and 15 hours ago. Support, New user cannot change profile settings by miguelgomes. 17 days and 17 hours ago. Support, Other web-app versions by On. 23 days and 22 hours ago. Chat, Social Anxiety UK (toqirahmad1) by toqirnwl. 23 days and 9 hours ago. Support, Site Admin area has no links by On. 24 days and 12 hours ago. Support, Admin Not working by On. 29 days and 3 hours ago. Version 2.0 announcements, Web-APP the best CMS on earth! by toqirnwl. 31 days and 11 hours ago. Support, New WebAPP - Release date by Woo Hoo.
6 days and 14 hours ago. Chat, Blackberry Playbook testing with web-app by Jack Deth. 8 days and 11 hours ago. Support, Malware notification regarding http://ankarahhh.co by gspot. 9 days and 7 hours ago. Support, Installation error TaDS.pm by Jack Deth. 15 days and 2 hours ago. Support, Just install a localhost to try out this by weiyan. 25 days and 13 hours ago. Support, Upgrade from by Jack Deth. 25 days and 13 hours ago. Support, Upgrade did not by Jack Deth. 25 days and 13 hours ago. Support, Where do you change by Jack Deth. 9 days and 13 hours ago. Support, install path error problem by GrandaddyBonegrinder. 9 days and 10 hours ago. Support, Important message to the web-app dot org users by Woo Hoo. 24 days and 21 hours ago. Chat, The Orgs by Jack Deth. 30 days and 16 hours ago. Support, Privileges and access control by On. 25 days and 18 hours ago. Chat, Tips to Get Repeat Web Traffic by Woo Hoo. 25 days and 18 hours ago. Community Share, What's This All About? by Woo Hoo. 25 days and 18 hours ago. Community Share, Google Joins the Browser Market!! by Woo Hoo. 2 days and 11 hours ago. Beta Testing, New alpha package! by Woo Hoo. 6 days and 15 hours ago. Support, Install Failure by On. 17 days and 15 hours ago. Chat, To OSCommerce 3.0 or Not? Depends on your Ho by Jack Deth. 1 week and 6 hours ago. Community Share, Web hosting Services and Domain names by Martin Case.
1 week and 6 hours ago. Chat, Must Have Features Your Web Site by Martin Case. 1 week and 11 hours ago. Beta Testing, CGI NO MORE! by Woo Hoo. 10 days and 15 hours ago. Support, How may I change de banners? by On. 26 days and 10 hours ago. Community Share, My WebAPP Sites by SafePit. 6 days and 4 hours ago. Mods Discussion and Support, forum pages count by zalias7. 1 week and 5 hours ago. Bug FIXES, no continue button on install page 2 by Jack Deth. 2 days and 15 hours ago. Support, Can't locate Babel.pm in @INC . by On. 11 days and 16 hours ago. WebAPP Market Place, Not an April fools joke. No thanks to 12,000 by On. 15 days and 16 hours ago. Ideas, Pagenated Articles? by Flex. 22 days and 21 hours ago. Support, Question by On. 5 days and 6 hours ago. Support, logs.cgi by On. 23 days and 10 hours ago. Community Share, Toy by Woo Hoo.
Powered Proudly and Safely by WebAPP
