an fyi about my LL's

plateman · 2009-11-01, 07:01 PM

yeah I was hacked and my luck I get some google love and I have that warning message that my site may harm there computer

so I now gotta fix that problem, this biz really can get under your skin

then some of your submitters may think I put that stuff on my sites

anybody that really knows me, would know I would never stoop to that level, sure money got tight, but I went back to rebuilding transmissions non hourly months ago to make up the loss in my income, now its tuff with all my musculoskeletal problems to do both

sure I can review my lists but thats about it, and sure I take some hefty meds but there not magic

Bill · 2009-11-01, 07:03 PM

what type of hack?

plateman · 2009-11-01, 07:08 PM

Quote:

Originally Posted by Bill

what type of hack?

browser attacks and use of I frames, my host phatservers said most likely they found a hole in one of my scripts

Bill · 2009-11-01, 08:01 PM

Any clues to which one, which script? It seems to me that it would be useful information to everyone to know how they can be attacked.

I gather there are those two main types of hacks - ftp password thefts and using script weaknesses to inject something into the mysql (if I understand that second one correctly, and I likely don't).

We all fear the hack.

plateman · 2009-11-01, 08:28 PM

they didnt go into great detail, but after I got the email I thought - why didnt they tell me what script was it - LOL, but here is the email I got

PP has linkadmin and jmb AGP running it, I never heard linkadmin getting hacked on hardly any LL

It does look like some script on your site has a vulnerability. You'll see iframe tags added to your .htm files that are group writable by the www user (apache). Your ftp account does not look like it's been compromised. Your ** user has only logged in once this month. I've removed permissions for apache to write to your files and removing the iframes for you now.

cd34 · 2009-11-01, 10:14 PM

comus thumbs anywhere on your system?

plateman · 2009-11-01, 10:26 PM

nope, thanks for posting

Ramster · 2009-11-02, 08:52 AM

plateman, I had a site have that warning from google and I sent them an email/message and explained I was hacked and it was removed and the hole was plugged and the warning was removed within a few days.

plateman · 2009-11-02, 05:19 PM

Quote:

Originally Posted by Ramster

plateman, I had a site have that warning from google and I sent them an email/message and explained I was hacked and it was removed and the hole was plugged and the warning was removed within a few days.

yeah? in webmaster tools it said it could take weeks, anyway life is good after the hack, making sales, collecting epasses, and have that G love again

I just checked some terms I am ranking for, and yesterday the warning was on my listing - but now there gone

ed_banger · 2009-11-02, 01:25 PM

I'd still change your passwords and have your local machine scanned for viruses anyways, and possibly look into not saving your FTP passwords and/or switching to SFTP for uploading.

smutguy · 2009-11-02, 10:09 PM

I got hit by this last month undetected malware that steals all your ftp logins.This malware looks for the following top 10 FTP programs on your system and steals all your login info/passwords.

1. CoffeeCup Direct FTP
2. TransSoft FTP Control 4
3. Core FTP
4. GlobalScape CuteFTP
5. Far Manager (with FTP plugin)
6. FileZillagot me
7. FlashFXP
8. SmartFTP
9. FTP Navigator
10. Total Commander

Read more about this scumware and how to take precautionary steps.

http://blog.unmaskparasites.com/2009...dentials-from/

hope this helps

plateman · 2009-11-20, 06:30 AM

Quote:

Originally Posted by smutguy

I got hit by this last month undetected malware that steals all your ftp logins.This malware looks for the following top 10 FTP programs on your system and steals all your login info/passwords.

1. CoffeeCup Direct FTP
2. TransSoft FTP Control 4
3. Core FTP
4. GlobalScape CuteFTP
5. Far Manager (with FTP plugin)
6. FileZillagot me
7. FlashFXP
8. SmartFTP
9. FTP Navigator
10. Total Commander

Read more about this scumware and how to take precautionary steps.

http://blog.unmaskparasites.com/2009...dentials-from/

hope this helps

here check out this http://www.greenguysboard.com/board/...ote=1&p=470078

and sure enough I had a virus called html/framer

plateman · 2009-11-20, 10:24 AM

my host is doing the clean right now, I just can't believe this shit came from my PC

Bill · 2009-11-20, 05:53 PM

We all fear that kind of thing. Well I do anyway.

Any thoughts on how you might have been infected, and/or how they got your ftp, etc etc?

plateman · 2009-11-20, 06:16 PM

Quote:

Originally Posted by Bill

We all fear that kind of thing. Well I do anyway.

Any thoughts on how you might have been infected, and/or how they got your ftp, etc etc?

4. Provided your system is clean at this point, upgrade your Flash player. This is the most likely source of the compromise. You can do so here: http://get.adobe.com/flashplayer/

Fob · 2009-11-20, 08:49 PM

wow, scary. That's it, no more surfing questionable porn sites for me!

2009-11-01, 07:01 PM	#1
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	an fyi about my LL's yeah I was hacked and my luck I get some google love and I have that warning message that my site may harm there computer so I now gotta fix that problem, this biz really can get under your skin then some of your submitters may think I put that stuff on my sites anybody that really knows me, would know I would never stoop to that level, sure money got tight, but I went back to rebuilding transmissions non hourly months ago to make up the loss in my income, now its tuff with all my musculoskeletal problems to do both sure I can review my lists but thats about it, and sure I take some hefty meds but there not magic __________________ Submit to: Porn O Plenty XXX Links Reality Here

2009-11-01, 08:28 PM	#5
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	they didnt go into great detail, but after I got the email I thought - why didnt they tell me what script was it - LOL, but here is the email I got PP has linkadmin and jmb AGP running it, I never heard linkadmin getting hacked on hardly any LL It does look like some script on your site has a vulnerability. You'll see iframe tags added to your .htm files that are group writable by the www user (apache). Your ftp account does not look like it's been compromised. Your ** user has only logged in once this month. I've removed permissions for apache to write to your files and removing the iframes for you now. __________________ Submit to: Porn O Plenty XXX Links Reality Here

2009-11-01, 10:14 PM	#6
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	comus thumbs anywhere on your system? __________________ SnapReplay.com a different way to share photos - iPhone & Android

2009-11-01, 10:26 PM	#7
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	nope, thanks for posting __________________ Submit to: Porn O Plenty XXX Links Reality Here

2009-11-02, 08:52 AM	#8
Ramster Life is good Join Date: Apr 2003 Location: Ottawa, Canada Posts: 11,705	plateman, I had a site have that warning from google and I sent them an email/message and explained I was hacked and it was removed and the hole was plugged and the warning was removed within a few days. __________________ Pornstar Legends \| Live Cam Model Shows \| Hungarian Girls Skype: robmurray999

2009-11-01, 07:03 PM	#2
Bill Selling porn allows me to stay in a constant state of Bliss - ain't that a trip! Join Date: Apr 2003 Posts: 3,914	what type of hack?

2009-11-01, 08:01 PM	#4
Bill Selling porn allows me to stay in a constant state of Bliss - ain't that a trip! Join Date: Apr 2003 Posts: 3,914	Any clues to which one, which script? It seems to me that it would be useful information to everyone to know how they can be attacked. I gather there are those two main types of hacks - ftp password thefts and using script weaknesses to inject something into the mysql (if I understand that second one correctly, and I likely don't). We all fear the hack.

2009-11-02, 01:25 PM	#10
ed_banger I'm going to the backseat of my car with the woman I love, and I won't be back for TEN MINUTES Join Date: Oct 2009 Posts: 89	I'd still change your passwords and have your local machine scanned for viruses anyways, and possibly look into not saving your FTP passwords and/or switching to SFTP for uploading. __________________ PM me for link trades on 93 handwritten blogs. Adult bloggers wanted

2009-11-02, 10:09 PM	#11
smutguy You can now put whatever you want in this space :) Join Date: Jan 2007 Posts: 662	I got hit by this last month undetected malware that steals all your ftp logins.This malware looks for the following top 10 FTP programs on your system and steals all your login info/passwords. 1. CoffeeCup Direct FTP 2. TransSoft FTP Control 4 3. Core FTP 4. GlobalScape CuteFTP 5. Far Manager (with FTP plugin) 6. FileZillagot me 7. FlashFXP 8. SmartFTP 9. FTP Navigator 10. Total Commander Read more about this scumware and how to take precautionary steps. http://blog.unmaskparasites.com/2009...dentials-from/ hope this helps __________________ Hushmoney V2 now powered by Nats

2009-11-20, 10:24 AM	#13
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	my host is doing the clean right now, I just can't believe this shit came from my PC __________________ Submit to: Porn O Plenty XXX Links Reality Here

2009-11-20, 05:53 PM	#14
Bill Selling porn allows me to stay in a constant state of Bliss - ain't that a trip! Join Date: Apr 2003 Posts: 3,914	We all fear that kind of thing. Well I do anyway. Any thoughts on how you might have been infected, and/or how they got your ftp, etc etc?

2009-11-20, 08:49 PM	#16
Fob Rock stars ... is there anything they don't know? Join Date: Oct 2009 Posts: 12	wow, scary. That's it, no more surfing questionable porn sites for me! __________________ porn porn porn