1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

If your running Indexscript directories check them now

Discussion in 'Directories' started by pipes, Jul 25, 2007.

  1. _JB_

    _JB_ Active Member

    Messages:
    48
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    63
    #21
    Hi I've just posted my experience re the hacks and a data fix - mainly manual fixes via phpadmin unless you have an up-to-date backup - over at indexscript.
     
    _JB_, Jul 25, 2007 IP
    daboss likes this.
  2. xfairguy

    xfairguy Well-Known Member

    Messages:
    441
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    160
    #22
    This sucks, I was hacked month ago and I posted that on index script forums and they reassured that they didn't hack my directory through the script, but I am now sure they did, I am not hacked this time but I recon it is only a mattter of will they hack it today later ot tomorrow.
    I just did a backup and now I am looking for places where they list free scripts security issues, maybe there is a fix for this issues, seems that developers lost interest in developing this script further.
     
    xfairguy, Jul 26, 2007 IP
  3. pipes

    pipes Prominent Member

    Messages:
    12,766
    Likes Received:
    958
    Best Answers:
    0
    Trophy Points:
    360
    #23
    I try not to over react but this has really made me losr confidence in the script, ive read on a thread over at their forum that someone is suggesting its only a few of us, thats a joke, last night when i checked there were loads that have been hacked.

    I dont think there has been any rush to tighten any security holes.

    Today, disappointed, frustrated, wanting to stop using that script and move the 3 directories over to a different script, im not sure if thats possible though.
     
    pipes, Jul 26, 2007 IP
    funkymario likes this.
  4. paidhosting

    paidhosting Peon

    Messages:
    4,822
    Likes Received:
    483
    Best Answers:
    0
    Trophy Points:
    0
    #24

    Sad , did you mention to them that http://www.indexscript.com/ is also currently hacked, maybe they should fix that also, doesnt look good for the script at this point.
     
    paidhosting, Jul 26, 2007 IP
  5. pipes

    pipes Prominent Member

    Messages:
    12,766
    Likes Received:
    958
    Best Answers:
    0
    Trophy Points:
    360
    #25
    Hi paidhosting

    Yeah ive posted over there and others are too and its rather worrying that their own site is still in a hacked state, it doesn't look like theres going to be any hurry if any, to solve things.

    I know my whole day will be taken up with trying to sort this mess now, i would appreciate if they posted and said their busy working on a solution but i dont see that yet.

    My sympathy to anyone affected, anyone who hasn't even realised theirs is hacked now, and anyone who has ever been hacked.
     
    pipes, Jul 26, 2007 IP
    The Pheonix likes this.
  6. JuggernautH

    JuggernautH Guest

    Messages:
    2,116
    Likes Received:
    42
    Best Answers:
    0
    Trophy Points:
    140
    #26
    Only one of my directories are hacked right now, hopefully it will stay that way. hakon the owner of indexscript seems to be away or something as he isn't replying on his forum.

    The a**whipe that hacks all the indexscript directories is such an idiot, why hack something that someone is giving for free? That's beyond my understanding.

    If anyone find's any security loops and can fix it i am happy to pay some small ammounts of $ thru paypal.
     
    JuggernautH, Jul 26, 2007 IP
    daboss likes this.
  7. Providence

    Providence Peon

    Messages:
    568
    Likes Received:
    44
    Best Answers:
    0
    Trophy Points:
    0
    #27
    Ei, guys even indexscript.com has been hacked.
     
    Providence, Jul 26, 2007 IP
  8. JuggernautH

    JuggernautH Guest

    Messages:
    2,116
    Likes Received:
    42
    Best Answers:
    0
    Trophy Points:
    140
    #28
    Yea we know ;)
     
    JuggernautH, Jul 26, 2007 IP
  9. Providence

    Providence Peon

    Messages:
    568
    Likes Received:
    44
    Best Answers:
    0
    Trophy Points:
    0
    #29
    I thought so. Indexscript is so nice. daboss is so nice. Why would anyone do this?

    Anyway, backup backup backup :|
     
    Providence, Jul 26, 2007 IP
  10. currenz

    currenz Peon

    Messages:
    1,672
    Likes Received:
    81
    Best Answers:
    0
    Trophy Points:
    0
    #30
    That's bad. I hope someone could find out the security loophole and rectify the problem soon
     
    currenz, Jul 26, 2007 IP
  11. JuggernautH

    JuggernautH Guest

    Messages:
    2,116
    Likes Received:
    42
    Best Answers:
    0
    Trophy Points:
    140
    #31
    If anyone can find the loophole and fix it i will pay you $5-$10 !
     
    JuggernautH, Jul 26, 2007 IP
  12. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #32
    sorry for being missing... i'm having a look at it now... hopefully i'll get to the bottom of it...
     
    daboss, Jul 26, 2007 IP
  13. Colbyt

    Colbyt Notable Member

    Messages:
    3,224
    Likes Received:
    185
    Best Answers:
    0
    Trophy Points:
    210
    #33
    Get that quote off of here. You are pouring gasoline on the fire.


    Yes. That is what they are doing. Then they take the encrypted password to a cracker site and it decodes it.

    Then they login and have fun. Change the password and you can not get in.

    I hacked one of my own sites that they have not found yet to prove that it works.

    I have reported this Hakon over at the indexscript site.
     
    Colbyt, Jul 26, 2007 IP
    daboss likes this.
  14. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #34
    daboss, Jul 26, 2007 IP
    kiviniar likes this.
  15. JuggernautH

    JuggernautH Guest

    Messages:
    2,116
    Likes Received:
    42
    Best Answers:
    0
    Trophy Points:
    140
    #35
    No need to feel bad daboss, everyone manages to do something wrong from time to time :)
     
    JuggernautH, Jul 26, 2007 IP
  16. Colbyt

    Colbyt Notable Member

    Messages:
    3,224
    Likes Received:
    185
    Best Answers:
    0
    Trophy Points:
    210
    #36
    Rename the login.php file to something else or remove it.

    They can still get your current password but they can do nothing with it.

    I have recovered control of my site and will post the how in a bit.
     
    Colbyt, Jul 26, 2007 IP
  17. pipes

    pipes Prominent Member

    Messages:
    12,766
    Likes Received:
    958
    Best Answers:
    0
    Trophy Points:
    360
    #37
    After what has happend im migrating my databases on my 3 affected sites to phplynx script, had a chat over there this morning and its already possible by this afternoon as an option for anyone running Indexscript.

    Light at the end of a dark tunnel you could say.:)
     
    pipes, Jul 26, 2007 IP
  18. malcolm1

    malcolm1 Prominent Member

    Messages:
    7,148
    Likes Received:
    758
    Best Answers:
    0
    Trophy Points:
    310
    #38
    Not a problem the situation was resolved within 24 hours and a Fix available..

    I dont think you can ask for more then that from anyone else so.. ;)

    Good work Daboss..
    Excellent work on the fix :)

    thx
    malcolm
     
    malcolm1, Jul 26, 2007 IP
  19. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #39
    daboss, Jul 26, 2007 IP
    pipes likes this.
  20. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #40
    thanks... don't forget that i'm a one-man show and am making peanuts (lietrally peanuts) from the script... it's a hobby...
     
    daboss, Jul 26, 2007 IP
    funkymario likes this.