hacked website solution?

by 8 replies
10
just had one of my clients sites hacked into - basically they flooded the support desk with lots of email requests.

1the developer removed the excess script, but the script for the download and membership got messed up.

2. my host didnt keep a backup and only back up from 1 week ago( stupid or what)

i read somewhere that when people hack

my question: does anyone know if i can retrieve the original script as one of my old members says his access is still working?

secondly, i read that when people hack its only changing a few lines of code. therefore chances are its a simple tweak to revert it back to nromal - are there any php developers out there that can do me a favour and take a look at this issue? PM me please
#programming #hacked #solution #website
  • It sounds like you are using a web hosting package, like WHMCS. If so, and you have a list of files and directories altered, you can run a diff (there are a lot of tools out there that can do that). If your web host set up your hosting software, they should be willing to provide you with the original, unhacked, files.

    Diff tools
    • [ 1 ] Thanks
  • gregsie74,

    I noticed that you PM'd me, but I can't seem to respond (I guess it is that 50 posts or more before you can PM rule).

    If you want a private response then you'll need to PM me your email address.
    • [ 1 ] Thanks
  • Banned
    [DELETED]
    • [ 1 ] Thanks
  • Gregsie74,

    If you would be intrested in privately or publically sharing the content of the file that got hacked I would happily go through the code and point out any parts that appear to look dodgy.

    Normally hackers insert either some javascript or iframe code to then pull in a remote file for execution...
  • If this is WHMCS, you should have updated it when WHMCS released the patch for this exploit.
  • Also, consider this a premium service. It costs extra money for a host to provide multiple backup solutions & more frequent. The standard is weekly backups, but some hosts may offer nightly backups for a higher price.
  • You might want to file a report with IC3[dot]gov if you haven't already, for starters.
    • [1] reply
    • This only really covers the USA and from my understanding they are intrested in severe crimes not exploited websites / servers caused by lack of webhost security / bad code
      • [1] reply
Join the discussion

Next Topics on Trending Feed

  • 10

    hacked website solution?

    just had one of my clients sites hacked into - basically they flooded the support desk with lots of email requests. 1the developer removed the excess script, but the script for the download and membership got messed up.