HELP my site was hacked PLEASE

Discussion in 'Security' started by czar2178, Jul 27, 2009.

0
  1. #1
    today my site was hacked it is using Scripteen Free Image Hosting Script V 2.2

    I am very stupid in not backing up the site and they said they deleted everything. is there anything at all possible I can do to fix this, maybe they really didn't delete, I am not good with coding or anything like that so I can't tell
    the site is hardcoreupload[dot]com


    Thanks
     
    czar2178, Jul 27, 2009 IP
  2. dannywwww

    dannywwww Well-Known Member

    Messages:
    804
    Likes Received:
    18
    Best Answers:
    0
    Trophy Points:
    110
    #2
    Scripteen image hosting script has a few vulnerabilities...either pay a programmer to fix the security issues, or find a different script. You view all the exploits on milw0rm.com. (use the search)
     
    dannywwww, Jul 27, 2009 IP
  3. czar2178

    czar2178 Active Member

    Messages:
    134
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    53
    #3
    can you suggest a better script to use? More secure
     
    czar2178, Jul 27, 2009 IP
  4. ddmd

    ddmd Peon

    Messages:
    60
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I can't give much help with that, but if you have your site on a shared host, they might have a backup for that (they generally backup everything on a daily basis). Ask them for help...

    If you are on a private (dedicated) server, you might be out of luck. There are tools on Linux that can recover files but they generally don't work very well... If you think he didn't deleted, use the "find" command to look for your files (like find / -name index.html) to see if there is anything left.

    For the future, always do a backup, monitor your sites and avoid third party scripts that are not audited.

    *try http:// sucuri.net for future monitoring needs too.
     
    ddmd, Aug 3, 2009 IP
  5. Bohra

    Bohra Prominent Member

    Messages:
    12,573
    Likes Received:
    537
    Best Answers:
    0
    Trophy Points:
    310
    #5
    Bohra, Aug 3, 2009 IP
  6. webbynoc.com

    webbynoc.com Peon

    Messages:
    71
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    was the server shelled?
     
    webbynoc.com, Aug 4, 2009 IP
  7. Zizzi

    Zizzi Peon

    Messages:
    67
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    There isn't too much you can do now. Ask your host for backups, and make sure there isn't a shell on your server somewhere. ALWAYS back up your files. Especially on an image hosting site where people are trusting you with their images!

    Also, milw0rm.com is a great place to check for obvious security holes. Make it a habit to look there before you install a script.
     
    Zizzi, Aug 4, 2009 IP
  8. eric_basher

    eric_basher Peon

    Messages:
    185
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #8
    ask your hosting provider they ussual have backup daily or weekly then patch the script or hire programe to fixed :)

    good luck!
     
    eric_basher, Aug 5, 2009 IP
  9. justdoit1

    justdoit1 Peon

    Messages:
    100
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #9
    There is no patch for ignorance. Even so-called secure script have subtle security holes.
    Backup and always backup.

    Whenever you use free scripts/applications on the web, be sure to find public known vulnerabilities:

    You can search:
    http://yehg.net/?q=Scripteen Free Image Hosting Script&c=Exploits

    milw0rm is not the complete exploit archive. You have to use Google and other sites for full coverage.
     
    Last edited: Aug 5, 2009
    justdoit1, Aug 5, 2009 IP