Comments on: New hacking attempt

By: Jenny

Jenny — Sun, 02 Mar 2008 15:40:49 +0000

when I changed to thickbox it seems to work, but I am afraid something could have happend to my db. How can I check?

Please send me an email and I will give you the address to my site.

Thanks for your help,
Jenny

By: alex.rabe

alex.rabe — Sat, 01 Mar 2008 16:22:20 +0000

@Jamas
keep in your mind that I’m not free for failure, good luck…

@Jenny
Give me a link to your page

By: Jamas

Jamas — Sat, 01 Mar 2008 16:09:13 +0000

Hey Alex,

Well so far NextGEN Gallery is holding up much better then WPPA to hack attempts. The site slsc.ca which I admin was hacked twice in the last week.

The first time they managed to replace all the files in my active theme. Mostly my fault as I had the folder permissions and file permissions wide open on that page.

However the second time they managed to insert a post into the site and replace the contents of several pages. I noticed that my stats show search hits for: ‘allinurl: page_id album “photo”‘ which is a WPPA format for pages. They then managed to upload a .zip file into the uploads directory. The some how managed to unzip it which must then have given them access to the site. Still trying to sort out all the details.

So I am going to try an experiment. Patch the site back up (clean copy of all wordpress files (just in case they managed to change anything). Remove WPPA and install NextGEN Gallery. The site slsc.ca now shows up on their hacking forum so will see if they managed to get in using NextGEN. I will let you know the results.

Jamas

By: Jenny

Jenny — Sat, 01 Mar 2008 12:08:12 +0000

Guess my site has been hacked as well. When you click at one of my pictures the lightbox doesnt appear anymore, the picture appears in the browser instead.
Where do I find log files and what to do?
Thanks for your help
J

By: Mike

Mike — Sun, 24 Feb 2008 22:47:19 +0000

Oh.. I wanna use it or some Flickr plugin, I dont know yet.
Your gallery looks nice though.

Greetings.
/Mike

By: alex.rabe

alex.rabe — Sun, 24 Feb 2008 18:35:24 +0000

I must be quite honestly say : I don’t know

By: Mike

Mike — Sun, 24 Feb 2008 18:07:01 +0000

I got to ask you
NextGen Gallery, is it secure?

Greetings.
/Mike

By: Mike

Mike — Fri, 22 Feb 2008 12:35:29 +0000

Thanks Alex.

Yeah youre absolutely right. I will do all necessary actions to secure my wordpress.

I have decided to hack the hackers forum + all their sites.
I just can’t sit back and pretend it never happened.
Like everyone else whos been hacked by them are doing..

Take care, Alex
Greetings :
/Mike

By: alex.rabe

alex.rabe — Fri, 22 Feb 2008 08:28:22 +0000

Mike,

in the Web with OpenSource Application we will never be secure again. Script Kiddies are review every piece of code, and of course plugins and WordPress itself could have a leak.

So review your logifile often, keep up to date , install only plugins which you really need.

By: Mike

Mike — Fri, 22 Feb 2008 01:14:16 +0000

Hello.

Yes I’ve had two hacks, the first was just a post, the second was severe - they erased everything, and my database was mangled too.. After a search for a while thru google I found where the hackers meet and talk about my site, and how to hack it : http://www.azhack.org/forums.php?m=posts&q=2486

I dont know if I can have any plugins after this.. Feels like everything is insecure..

Greetings.
/Mike