Go to Post I WANT MY POOF BALLS! - Cyber Punk 234 [more]
Home
Go Back   Chief Delphi > Technical > IT / Communications > Website Design/Showcase
CD-Media   CD-Spy  
portal register members calendar search Today's Posts Mark Forums Read FAQ rules

 
Closed Thread
Thread Tools Rate Thread Display Modes
  #16   Spotlight this post!  
Unread 14-06-2007, 18:02
DonRotolo's Avatar
DonRotolo DonRotolo is offline
Back to humble
FRC #0832
Team Role: Mentor
 
Join Date: Jan 2005
Rookie Year: 2005
Location: Atlanta GA
Posts: 7,025
DonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond reputeDonRotolo has a reputation beyond repute
Re: Website Hacking Problems

[Offtopic]Jimi Hendrix said "If a six truned into nine, I won't mind", but it appears the nine turned into a six. Wonder what he's say about that...

Anyway, the PI-O-Neers just love it...[/Offtopic]

I just uploaded a white paper on Password Security, this will help people create (and remember!) very strong passwords for multiple sites. Enjoy.

Don
__________________

I am N2IRZ - What's your callsign?
  #17   Spotlight this post!  
Unread 15-06-2007, 02:23
TheOtherGuy's Avatar
TheOtherGuy TheOtherGuy is offline
Unregistered User
AKA: Kevin Forbes
FRC #4183 (Bit Buckets)
Team Role: Engineer
 
Join Date: Jul 2006
Rookie Year: 2006
Location: Tucson, AZ
Posts: 408
TheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond repute
Re: Website Hacking Problems

Quote:
Originally Posted by artdutra04 View Post
Check the file/folder permissions of the root directory. If it's are listed as 777, this is a security problem. Change (chmod) them to 770 or 755. You can create subfolders with a chmod setting of 777, but only do so where your scripts actually need file creation/deletion/alteration permissions. If all you have in a directory is static HTML files that you alter via FTP, lock down the file permissions for that directory.
I take it you mean it is very bad if our httpdocs folder is set to 777? I'm sorry I don't know more about this kinda stuff, so thanks for any help you can give us!

[EDIT] I chmod(ed) it to 755
Attached Images
File Type: bmp hacked.bmp (63.5 KB, 61 views)
__________________

Last edited by TheOtherGuy : 15-06-2007 at 02:29.
  #18   Spotlight this post!  
Unread 15-06-2007, 10:57
artdutra04's Avatar
artdutra04 artdutra04 is offline
VEX Robotics Engineer
AKA: Arthur Dutra IV; NERD #18
FRC #0148 (Robowranglers)
Team Role: Engineer
 
Join Date: Mar 2005
Rookie Year: 2002
Location: Greenville, TX
Posts: 3,078
artdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond repute
Re: Website Hacking Problems

Quote:
Originally Posted by TheOtherGuy View Post
I take it you mean it is very bad if our httpdocs folder is set to 777? I'm sorry I don't know more about this kinda stuff, so thanks for any help you can give us!

[EDIT] I chmod(ed) it to 755
If the root directory of your website is chmod'd to 777, and you are hosting your website on a shared server, it's possible that you could be compromising the security of your website. This could allow changes to be made to the root directory of your website, which is bad. So changing the permissions to 755 for the root directory is a good idea.

Basically, when a folder is chmod'd to 777, it means anyone can read, execute, or write files to that directory. The order of the numbers means [Owner] [Group] [User], each with a value from 0-7. Since we certainly don't want anonymous users being able to write files to the directory, we change the Group and User values to a lower value, which allow them to read and execute, but not write to that directory. Hence, we get a more secure file permissions value of 755.
__________________
Art Dutra IV
Robotics Engineer, VEX Robotics, Inc., a subsidiary of Innovation First International (IFI)
Robowranglers Team 148 | GUS Robotics Team 228 (Alumni) | Rho Beta Epsilon (Alumni) | @arthurdutra

世上无难事,只怕有心人.
  #19   Spotlight this post!  
Unread 15-06-2007, 10:58
GRaduns340 GRaduns340 is offline
The Fruit Man
AKA: Gary
FRC #0340 (Greater Rochester Robotics)
 
Join Date: Jun 2006
Rookie Year: 2005
Location: Rochester, NY
Posts: 152
GRaduns340 has a spectacular aura aboutGRaduns340 has a spectacular aura aboutGRaduns340 has a spectacular aura about
Send a message via AIM to GRaduns340
Re: Website Hacking Problems

I didn't actually see what your problem was, but our site was recently hacked as well. It's been running on a CMS for ease of transfer to the next webmaster, so at first I assumed that either that or the forum was the loophole and that I would go about trying to find that. I later discovered, after talking with our private host, that it was a root access hack, and that all sites on the server had been hacked through the server's root user. We got hit pretty hard, as ALL web-based files (PHP, HTML, HTM...) were overwritten by copies that contained a meta refresh, redirecting our site to some foreign forum. I still can't delete some of them because of ownership and permission changes that were also made, but if that's what you're dealing with, you'll have to go through your host if you actually want to correct it.
  #20   Spotlight this post!  
Unread 15-06-2007, 11:29
TheOtherGuy's Avatar
TheOtherGuy TheOtherGuy is offline
Unregistered User
AKA: Kevin Forbes
FRC #4183 (Bit Buckets)
Team Role: Engineer
 
Join Date: Jul 2006
Rookie Year: 2006
Location: Tucson, AZ
Posts: 408
TheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond reputeTheOtherGuy has a reputation beyond repute
Re: Website Hacking Problems

Quote:
Originally Posted by artdutra04 View Post
If the root directory of your website is chmod'd to 777, and you are hosting your website on a shared server, it's possible that you could be compromising the security of your website. This could allow changes to be made to the root directory of your website, which is bad. So changing the permissions to 755 for the root directory is a good idea.

Basically, when a folder is chmod'd to 777, it means anyone can read, execute, or write files to that directory. The order of the numbers means [Owner] [Group] [User], each with a value from 0-7. Since we certainly don't want anonymous users being able to write files to the directory, we change the Group and User values to a lower value, which allow them to read and execute, but not write to that directory. Hence, we get a more secure file permissions value of 755.
Ok, thanks! I'm pretty sure the folder was set to 755 before the hacking started, so they probably got in through a security loophole in one of the older forums (I made several because I was new to this stuff)

Now we just have to wait and see if it gets hacked again....
__________________
  #21   Spotlight this post!  
Unread 15-06-2007, 11:40
artdutra04's Avatar
artdutra04 artdutra04 is offline
VEX Robotics Engineer
AKA: Arthur Dutra IV; NERD #18
FRC #0148 (Robowranglers)
Team Role: Engineer
 
Join Date: Mar 2005
Rookie Year: 2002
Location: Greenville, TX
Posts: 3,078
artdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond reputeartdutra04 has a reputation beyond repute
Re: Website Hacking Problems

Quote:
Originally Posted by GRaduns340 View Post
I didn't actually see what your problem was, but our site was recently hacked as well. It's been running on a CMS for ease of transfer to the next webmaster, so at first I assumed that either that or the forum was the loophole and that I would go about trying to find that. I later discovered, after talking with our private host, that it was a root access hack, and that all sites on the server had been hacked through the server's root user. We got hit pretty hard, as ALL web-based files (PHP, HTML, HTM...) were overwritten by copies that contained a meta refresh, redirecting our site to some foreign forum. I still can't delete some of them because of ownership and permission changes that were also made, but if that's what you're dealing with, you'll have to go through your host if you actually want to correct it.
It sounds like they used an automated script to infect all your files; as such the changes in permissions might have been set to only PHP's "nobody" user. (Which would restrict access to such files to PHP scripts alone.) See if you can use PHP to do a site-wide crawl, read every .html, .htm, or .php file, str_replace() the "<meta refresh..."> crap with NULL or an empty character set "", save the files again, and then chmod everything to the permissions it should be set at.

EDIT: Basically, this is the exact reverse of their automated script.
__________________
Art Dutra IV
Robotics Engineer, VEX Robotics, Inc., a subsidiary of Innovation First International (IFI)
Robowranglers Team 148 | GUS Robotics Team 228 (Alumni) | Rho Beta Epsilon (Alumni) | @arthurdutra

世上无难事,只怕有心人.

Last edited by artdutra04 : 15-06-2007 at 11:43.
  #22   Spotlight this post!  
Unread 15-06-2007, 12:19
GRaduns340 GRaduns340 is offline
The Fruit Man
AKA: Gary
FRC #0340 (Greater Rochester Robotics)
 
Join Date: Jun 2006
Rookie Year: 2005
Location: Rochester, NY
Posts: 152
GRaduns340 has a spectacular aura aboutGRaduns340 has a spectacular aura aboutGRaduns340 has a spectacular aura about
Send a message via AIM to GRaduns340
Re: Website Hacking Problems

That's exactly what they did, and I could run through that, but I'm working with our host, and he's told me he will reset ownership for us. As it is, I can overwrite everything they did, I just need a couple thigns deleted that I don't have originals to overwrite with. It's not a big deal any more, just that at some point between now and next season it will be good for whoever takes over as webmaster for our team to have the right ownership.
  #23   Spotlight this post!  
Unread 15-06-2007, 15:09
slade24 slade24 is offline
AKA: Slick Daddy Ellis
AKA: Aaron Schultz
FRC #1370 (Blue Charge)
 
Join Date: Feb 2006
Rookie Year: 2004
Location: Middletown, DE
Posts: 6
slade24 is on a distinguished road
Post Re: Website Hacking Problems

You might want to further go through and patch any security holes in scripts that you hand-wrote. Make sure nothing allows a user to inject headers (for example, in a email sender) or upload files with filetypes other than specific ones (ie: allow jpg, prevent .php or .asp or whatever).

If you are running on Apache (your gallery uses php files, so I will assume this is true), you can also use .htaccess files to block IP addresses of known offenders. A nice look at .htaccess can be found here -- they're quite useful for many things.

Also, I don't know if anyone told you otherwise, but your site is built using tables. There's nothing wrong with that, but if you are hoping to grow as a web developer, look into learning CSS and using it for layout as well as style. Alistapart.com (A List Apart) is a pretty amazing site for web design concepts in general. The table vs. CSS debate can be found here.
__________________
-- Time is my only enemy --

Middletown Robotics: Home
Closed Thread


Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
HELP! Website hosting problems. Tottanka Website Design/Showcase 27 04-02-2007 22:28
263's Computer Hacking Competition SeanCassidy Chit-Chat 31 29-09-2005 15:11
Using non joystick controls with Operator Interface (Hacking Various Controllers) Astronouth7303 Control System 58 02-02-2005 15:56
Talk about the 'hacking' here. Brandon Martus Chit-Chat 12 08-07-2003 15:53
Hacking The Segway MattK Dean Kamen's Inventions 16 31-07-2002 20:51


All times are GMT -5. The time now is 14:32.

The Chief Delphi Forums are sponsored by Innovation First International, Inc.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright © Chief Delphi