473,394 Members | 1,693 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > how could have my sites been hacked?

Join Bytes to post your question to a community of 473,394 software developers and data experts.

How could have my sites been hacked?

Hi there - I've been designing websites for a few years... but I'm self taught so I'm sure there's a lot of stuff I've missed out on. I design my sites from scratch and usually install a basic content manager I developed in PHP. I password protect the content manager in an Admin folder using the cPanel function to password protect folders. Over Christmas, about six of my sites were hacked by some people called Tn-Sn!per and Scorpia Boy with some message about Palestine. Some of the sites just had the index page hijacked, but others had phishing scams and new folders installed. What would I be doing wrong to invite this? Are they getting through the cms login somehow? (the cms is just a bunch of links to update content in the database but none of that has been touched) The websites are mainly with the same host, although one or two of them are different. The hosting passwords are fairly secure, but I suppose the admin passwords are easier to get through. Is this the problem do you think? Or could my code be vulnerable somehow? I don't use CGI scripts of Javascript - just PHP and mysql queries. Thanks in advance for any assistance. I've attached a screenshot of one of the hacked pages.
Attached Images
File Type: jpg hack.jpg (52.2 KB, 492 views)
Jan 16 '11 #1
3 1995
dlite922
1,584 Expert 1GB
Your host could have been hacked due to vulnerabilities on their side. This might be the case if all of your site is with one host. If you have multiple hosts, then the bet is on a huge flaw in your app.

We can't really tell you how they hacked your site without a code review of your entire application. This forum is not a medium for that.

Popular hacking techniques are:
1. SQL Injection
2. Cross Site Scripting
3. Plain text passwords in network traffic (packet sniffing). Are you using SSL?
4. Session/Cookie hacking.

Plain answer: Educate yourself.

"act like a hacker" towards your own sites.

DM
Jan 17 '11 #2
Your webpage server MIGHT be down as due to FIREBUGS you could also disable FIREBUGS in your page to just search http://www.google.com for firebugs.

-Nicholas
If there are any enquiry this SHOULD be sent to my via-email at: <email removed>
Nov 10 '11 #3
hi hhh im scorpia boy im vry proud that me and tn sn!per hack our six sites so be proud
Feb 3 '12 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

6
Have been hacked ????
by: Bob Bedford | last post by:
My database suddently dissapeared from my ISP. I've logged in and the database doesn't exist anymore. I don't know anything about website hacking, so my code is possibly open for hackers. ...
PHP
2
phpBB sites hacked.
by: codefixer | last post by:
Hello: The phpBB sites are hacked. If you search for "HACKED BY CYBER-ATTACK" on msn.com you will get a list of all the sites hacked. Anyone knows what is the way to clean this up ? Thanks.
PHP
3
Designer support question
by: JKJ | last post by:
I have a custom web control that needs a javascript file to be included as part of the project. I want to have the control automatically add the file in a specific folder to the project when the...
C# / C Sharp
1
CultureInfo getting hacked during page load.
by: rerdavies | last post by:
OS: WIndows Server 2003. Currently logged in user is running with German(German) regional settings. Code fragment: System.Globalization.CultureInfo culture = new...
ASP.NET
5
Have I been Hacked???????
by: David Carter | last post by:
Hello I switched my computer on today and found that a new login of "ASP.net" had been added, it was a full priviledge account. Can anyone tell me what has happened? I have no idea what ASP is so...
ASP.NET
8
Hacked with system()
by: Oski | last post by:
Hello, our server got hacked through a security hole in an open source php chat script. (nothing new so far, ok!) This chat script allowed the user to create a new php script on our server,...
PHP
4
Strange appearing javascript - hacked
by: Wong Yung | last post by:
Hi guys, I recently noticed this strange script appearing on my webpage. I know I didn't put it there because I hand-coded it. Someone told me it looks like javascript and it looked like I...
Javascript
0
unhandled exception in the designer
by: =?Utf-8?B?U0FM?= | last post by:
Has anyone every created a custom control where the following has happened: 1. Created a new project and added the reference to your custom control to the project 2. Selected Tools>Choose...
C# / C Sharp
4
Tarantulus
Tracking down a hacker (my site has been compromised)
by: Tarantulus | last post by:
Hi guys, I've been hacked. my homepage has had <script> tage inserted into it pointing to a russian site with a trojan... only problem is I don't know how, and don't know where to start...
PHP
1
yahoo mail has been hacked by someone
by: lion cave | last post by:
Hello gud day! I have a problem to a work. Our sister company was hacked their yahoo email by someone from nigeria. i wud like to ask how to get back the yahoo email of our sister company...
Networking - Hardware / Configuration
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!