1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Site Hacked by jarkmeister, Help!

Discussion in 'Security' started by dkin69, Jul 1, 2007.

  1. #1
    Viewed my site at 3 today and it was fine, view it again at 6:30 and I see this [​IMG]

    I have no idea how to go about handling a hacker, if anyone could help I would appreciate it.

    site is http://www.sqwibble.com

    Dylan
     
    dkin69, Jul 1, 2007 IP
  2. Smithers

    Smithers Banned

    Messages:
    1,442
    Likes Received:
    29
    Best Answers:
    0
    Trophy Points:
    0
    #2
    There is nothing you can do I have been hacked before by triangledates.com/ and all I could do is get the back up files back up.
     
    Smithers, Jul 1, 2007 IP
  3. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #3
    anyway I can figure out how he did it so I can make the site more secure?
     
    dkin69, Jul 1, 2007 IP
  4. Smithers

    Smithers Banned

    Messages:
    1,442
    Likes Received:
    29
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I am not sure but was it a forum? Because PHPbb is easily hacked.

    Also search google for JarkMeister I suspected he was a gamer because half the sites I have gotten hacked were gaming sites.
     
    Smithers, Jul 1, 2007 IP
  5. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #5
    dkin69, Jul 1, 2007 IP
  6. Smithers

    Smithers Banned

    Messages:
    1,442
    Likes Received:
    29
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Google DarkMeister and maybe you can contact him I don't know what it will do but if you can get his MSN send it here.
     
    Smithers, Jul 1, 2007 IP
  7. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #7
    did that, from what I was able to find his email is .

    undoubtedly not his main email but its all I could find, and hes from norway I believe.
     
    dkin69, Jul 1, 2007 IP
  8. clancey

    clancey Peon

    Messages:
    1,099
    Likes Received:
    63
    Best Answers:
    0
    Trophy Points:
    0
    #8
    It sound like your script seriously needs to be patched by the people who created it because it is easy to hack the cookies to gain admin access to the site.

    Check out this July 1 advisory: http://www.milw0rm.com/exploits/4133

    Unfortunately, I do not have the script on any of my machines, so I cannot suggest what code to fix.
     
    clancey, Jul 2, 2007 IP
  9. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #9
    AWESOME.


    (Sarcasm)

    Damm.

    Oh well, will just sell the domain now.

    Will never buy that script again.

    Thanks for letting me know.

    Dylan
     
    dkin69, Jul 3, 2007 IP
  10. narendrasol

    narendrasol Banned

    Messages:
    260
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #10
    narendrasol, Jul 4, 2007 IP
  11. narendrasol

    narendrasol Banned

    Messages:
    260
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #11
    For more information contact script owner - http://www.arcadebuilder.net/ If you have any problem then please post massage on this thread

    Thanks
    Narendra
     
    narendrasol, Jul 4, 2007 IP
  12. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #12
    apparently there has been a ptach released for this script to block the sql injection, get in contact with Winston over at arcadebuilder for it.

    Ps, hes a great guy, really helpful.
     
    dkin69, Jul 4, 2007 IP
  13. xxKillswitch

    xxKillswitch Peon

    Messages:
    331
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #13
    If you have log files on your server, that can be a good source to find out how your site was hacked.

    Did the hacked leave any sort of contact? I have had my site hacked once before (only because I used a simple password, and used same pass at a PHPBB forum the guy hacked), but I contacted him, asked him how he did it, he showed me how exactly to hack that version of PHPBB and told me how to prevent it... pretty nice of him.
     
    xxKillswitch, Jul 4, 2007 IP
  14. ht125

    ht125 Notable Member

    Messages:
    1,261
    Likes Received:
    69
    Best Answers:
    1
    Trophy Points:
    235
    #14
    ht125, Jul 4, 2007 IP
  15. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #15
    so was my version of arcade builder the first to be hacked then???
     
    dkin69, Jul 4, 2007 IP
  16. MrSocko

    MrSocko Active Member

    Messages:
    466
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    80
    #16
    Mine too... damn it...

    www.proarcade.info
     
    MrSocko, Jul 12, 2007 IP
  17. dkin69

    dkin69 Active Member

    Messages:
    644
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #17
    running fine now mate.
     
    dkin69, Jul 12, 2007 IP
  18. scriptmakingman

    scriptmakingman Active Member

    Messages:
    280
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    58
    #18
    scriptmakingman, Aug 8, 2007 IP
  19. ultimatehandyman

    ultimatehandyman Peon

    Messages:
    246
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #19
    I have had arcade builder on my site for a couple of years.

    Today I checked the arcade and there has been links posted to these sites-

    Free Online Games
    Shooting Games
    Girls Games
    Games Online
    Fashion Games
    Free Games
    Watch Movies Online

    I emailed Winston and then I found this thread and so I have changed my password and run the security patch as recommended above.

    I have to say that Winston is normally very helpful when there are problems ;)
     
    ultimatehandyman, Jul 21, 2009 IP
  20. rive0108

    rive0108 Peon

    Messages:
    119
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #20
    I know this thread is kinda old, but let me tell you that the fixes for arcade builder (all of them) are available.

    Some background for those not aware. Arcade Builder is actually gamesitescript- an old version without many functions or features, and even without the security fixes/patchs that the new GSS 4.5/5.0 has.

    There are many broken features of arcade builder, and many sqli and xss vunerabilities.

    If you run Arcade Builder then you can add the features/fuctions/mods and fixes here:
    www.gssmods.com


    Examples:

    SQLi exploit:
    (search allows non-alpha/numeric parameters to be entered into search)
    http://www.mygumba.com/index.php?params=search&q=%27

    XSS (cross site scripting)
    (can bypass the token system and create over 1,000 token credits
    Checkref() function vunerable- not sanitizing database input
    not using mysql_real_escape_string

    Registration will allow sqli injections as it doesnt sanitize, or restrict
    Usernames can be registered like the following:
    TAF Mailer http referrer vunerablility/spam mailer:
    Taf mailer can be access and used whether it is disabled or not in the admin area (Guest Users can still access and use it even if it is restricted to members only), and since it has no captcha can be easily used to spoof a http referrer (if link to taf embedded on another site it will send a url link from that site instead of a link from your own site), and the taf mailer can easily be used by autmated spam bots/spam mailer programs to automate the sending of 1,000's of emails from your website.
    http://www.mygumba.com/index.php?params=taf
     
    Last edited: Nov 14, 2010
    rive0108, Nov 14, 2010 IP