hacked website solution?

8 replies
just had one of my clients sites hacked into - basically they flooded the support desk with lots of email requests.

1the developer removed the excess script, but the script for the download and membership got messed up.

2. my host didnt keep a backup and only back up from 1 week ago( stupid or what)

i read somewhere that when people hack

my question: does anyone know if i can retrieve the original script as one of my old members says his access is still working?

secondly, i read that when people hack its only changing a few lines of code. therefore chances are its a simple tweak to revert it back to nromal - are there any php developers out there that can do me a favour and take a look at this issue? PM me please
#hacked #solution #website
  • Profile picture of the author Eric Seiler
    It sounds like you are using a web hosting package, like WHMCS. If so, and you have a list of files and directories altered, you can run a diff (there are a lot of tools out there that can do that). If your web host set up your hosting software, they should be willing to provide you with the original, unhacked, files.

    Diff tools
    {{ DiscussionBoard.errors[5893057].message }}
  • Profile picture of the author Eric Seiler
    gregsie74,

    I noticed that you PM'd me, but I can't seem to respond (I guess it is that 50 posts or more before you can PM rule).

    If you want a private response then you'll need to PM me your email address.
    {{ DiscussionBoard.errors[5893252].message }}
  • Profile picture of the author Stuart Macfarlane
    Gregsie74,

    If you would be intrested in privately or publically sharing the content of the file that got hacked I would happily go through the code and point out any parts that appear to look dodgy.

    Normally hackers insert either some javascript or iframe code to then pull in a remote file for execution...
    {{ DiscussionBoard.errors[5893856].message }}
  • Profile picture of the author Kingfish85
    Originally Posted by gregsie74 View Post

    just had one of my clients sites hacked into - basically they flooded the support desk with lots of email requests.
    If this is WHMCS, you should have updated it when WHMCS released the patch for this exploit.
    {{ DiscussionBoard.errors[5894065].message }}
  • Profile picture of the author Kingfish85
    Originally Posted by gregsie74 View Post


    2. my host didnt keep a backup and only back up from 1 week ago( stupid or what)
    Also, consider this a premium service. It costs extra money for a host to provide multiple backup solutions & more frequent. The standard is weekly backups, but some hosts may offer nightly backups for a higher price.
    {{ DiscussionBoard.errors[5894094].message }}
  • Profile picture of the author RiptideTempora
    You might want to file a report with IC3[dot]gov if you haven't already, for starters.
    Signature
    http://tlwsd.info -- This Link Will Self-Destruct
    {{ DiscussionBoard.errors[5897626].message }}
    • Profile picture of the author Stuart Macfarlane
      Originally Posted by RiptideTempora View Post

      You might want to file a report with IC3[dot]gov if you haven't already, for starters.
      This only really covers the USA and from my understanding they are intrested in severe crimes not exploited websites / servers caused by lack of webhost security / bad code
      {{ DiscussionBoard.errors[5897835].message }}
      • Profile picture of the author RiptideTempora
        Originally Posted by Stuart Macfarlane View Post

        This only really covers the USA and from my understanding they are intrested in severe crimes not exploited websites / servers caused by lack of webhost security / bad code
        Nope. Anyone can report a crime there, and they will usually prosecute them. They can find jurisdiction. Look at all the hackers getting arrested in other countries. Hmm very interesting Another thing to consider: The US government is actually really inept at catching hackers... especially the ones who don't slip up and dox themselves on IRC and always use Tor, VPNs, etc. If you reported a crime and that led to a hacker being arrested, regardless of location or the degree for which they managed to assist in the investigation or arrest, then the government would look good to themselves again.
        Signature
        http://tlwsd.info -- This Link Will Self-Destruct
        {{ DiscussionBoard.errors[5899902].message }}

Trending Topics