You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 181 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Hacker sent this file. [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

 
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
Author Message
ceasar
Nuke Soldier
Nuke Soldier


Joined: Mar 19, 2004
Posts: 12


PostPosted: Wed Apr 27, 2005 6:53 pm Reply with quoteBack to top

My basketball site received this from this hacker XTech Inc. 2 days ago.

Quote:
Xtech inc hax0r3d y0ur b0x - xtech@bsdmail.org - by Status-x


This was the index.html file, I just deleted this file and checked my site and don't see any damage as far as I can tell. This hacker posted his actions here - http://www.zone-h.com/en/defacements/view/id=2312390/
and noticed he's been busy.
Find all posts by ceasarView user's profileSend private message
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Thu Apr 28, 2005 5:01 am Reply with quoteBack to top

whats his IP
what phpBB version do yu use
Any NUKE SECURITY Programs????
Details details...

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
ceasar
Nuke Soldier
Nuke Soldier


Joined: Mar 19, 2004
Posts: 12


PostPosted: Thu Apr 28, 2005 8:38 am Reply with quoteBack to top

hackers ip address is 69.56.179.82
phpnuke version is 7.5 and use sentinel 2.2.0 for security.
My mistake is not upgrading the phpbb, the current version is 2.0.10 but will be 2.0.13 this weekend. As far as I know all the patches are current.
Find all posts by ceasarView user's profileSend private message
KiLZo
Private
Private


Joined: Aug 17, 2003
Posts: 49

Location: Virginia Beach, VA

PostPosted: Mon May 02, 2005 3:22 pm Reply with quoteBack to top

Does anyone know anything about this group called g00ns .... and if so how can i take legal action against them..


This hammered KRVS.NET

_________________
you will never get a purple heart hiding in a foxhole MOVEOUT! - RET USMC CAPT . Vietnam 1968 - no its not me ... but i am former USMC

Image
Find all posts by KiLZoView user's profileSend private messageSend e-mailVisit poster's website
Evaders99
Site Admin
Site Admin


Joined: Aug 17, 2003
Posts: 12482


PostPosted: Mon May 02, 2005 3:51 pm Reply with quoteBack to top

Looks like g00ns has hit a lot of phpBB sites that are vulnerable.
Seems they are redirecting to this domain:

http://www.whois.sc/g00ns.com

Use that information, contact their host, get them to shut it down

_________________
Helping those that help themselves
Read FIRST or DIE!

"Fighting is terrible, but not as terrible as losing the will to fight."
Star Wars Rebellion Network - Need Help? Evaders Squadron Coding
Find all posts by Evaders99View user's profileSend private messageVisit poster's websiteAIM Address
syred
Nuke Soldier
Nuke Soldier


Joined: Dec 05, 2004
Posts: 24


PostPosted: Mon May 02, 2005 4:28 pm Reply with quoteBack to top

Quote:
hackers ip address is 69.56.179.82


* Dns resolved 69.56.179.82 to 69-56-179-82.theplanet.com
-
* Dns resolved semhs.com to 69.56.179.82

Well.. theplanet.com is your host, i guess this server is being used by 100webspace (or something)

You must have logs somewere, look at your logs, and you will find what the hacker did and how he passed your security systems, and what ever it was, update it.
Find all posts by syredView user's profileSend private message
zaitsev
Corporal
Corporal


Joined: May 30, 2004
Posts: 65


PostPosted: Mon May 09, 2005 11:04 pm Reply with quoteBack to top

i spoke to the planet:

Quote:
Thank you for the notification. Our Manager and VP of Information Security have been and are handling this issue currently, as they keep popping in and out of The Planet's network.

_________________
Free Image Hosting!
Find all posts by zaitsevView user's profileSend private message
jagan
Nuke Cadet
Nuke Cadet


Joined: Jun 13, 2005
Posts: 1


PostPosted: Sun Jun 12, 2005 8:58 pm Reply with quoteBack to top

I have seen my web site http://www.indiabook.com index page changed to index.htm and this was hvaing written XTech Inc

I came to know about this in just 15 minutes after this change and i restored the old home page
Find all posts by jaganView user's profileSend private message
atsouch
Nuke Cadet
Nuke Cadet


Joined: Jun 19, 2005
Posts: 1


PostPosted: Sun Jun 19, 2005 1:52 pm Reply with quoteBack to top

I have just experienced a "visit" by Xtech Inc. Do you know if they just change files (html or php) from the website or can they get root access to the server?

Is it safe to logon via telnet and just replace the php files?
Find all posts by atsouchView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.311 Seconds - 271 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::