[Purecarsound]

Site will be down for a while. Stupid Turks have hacked it again. Can't wait till the new site is finished. PHP Nuke is so ****e secure wise

http://cms.purecarsound.co.uk/index.php

 

[Hoggy]

www.drupal.org

 

[Purecarsound]

www.drupal.org

Nah. We are working on a Zen Cart themed site. Just trying to get the SQL Databases merged across.

 

[Hoggy]

ahhh another piece of swiss cheese

 

[sonicred]

you just have to block r57shell.php..

if you don't do it .. you are gone.. that's how they get your sgl database..

 

[Purecarsound]

Fixed

I thought they'd done what they did last time which is edit a .php file somewhere in the directory... but after you mentioned the SQL database... I just uploaded a backup from a week ago and its all sorted now. Just sorting out a few minor issues.

 

[LAD VXL]

Glad you managed to get it sorted Mark, what a nightmare

Any idea why they would bother?

 

[Lee]

Because they are sad little idiots who have nothing better to do???

 

[Purecarsound]

To be honest its just a group of saddo's trying to prove they are good. They hacked 300 odd sites using sql injection queries in a security hole.. basically as soon as a member of a hacking group finds a hole they hit as many sites as they can to try and prove they are good. This is basically what people saw if they tried to go the http://cms.purecarsound.co.uk

 

[Lee]

Badgers.

 

[Purecarsound]

The only problem I have is that the ex-colleague of mine who originally built and configured the current site to use php nuke and oscommerce merged, is out of contact with me (He's in South Africa) and I can't actually remember the exact version of phpnuke I am using and can't find the version listed anywhere in any of the .php files the site is built with! Does anyone know where to find the version I am using?

 

[sonicred]

well.. it's always funny when kid scribby's are trying to show the world they can use zero-day exploit..

there are a lot of reason they do this..
1.. they wanna show you, that you have to update you system
2.. to become famouse(not really ,in the hack world)
3.. they didn't get any sex..
4.. they think they need to improve the world..
5.. wanna get a job at a security company(hahahahahahahahahahahah)
6.. spamming .. to get money out of it.


i think it's very n00b to use public 0-day exploits.. it show's ppl they can't find your own..

 

[sonicred]

The only problem I have is that the ex-colleague of mine who originally built and configured the current site to use php nuke and oscommerce merged, is out of contact with me (He's in South Africa) and I can't actually remember the exact version of phpnuke I am using and can't find the version listed anywhere in any of the .php files the site is built with! Does anyone know where to find the version I am using?

http://www.karakas-online.de/forum/viewtopic.php?t=3574

 

[Purecarsound]

http://www.karakas-online.de/forum/viewtopic.php?t=3574

TopMan.

Why couldn't I find that when I googled it? lol

 

[Purecarsound]

Uploading all new security patches now.. including the sql injection prevention one!

 

[sonicred]

lol i just google it.. haahah

 

[Purecarsound]

I've even managed to find the search strings the hackers used on google to find vulnerable php based sites (used my nukesentinel administration to find them)

They entered the following in the google search bar

**removed by cjz0r**

 

[Purecarsound]

More problems guys

More urgent help needed.

Received this from my hosts

The hackers got into the server's root. Purecars was the only account that had the files accessed directly. Even still, we have a policy to not allow any sites to run that may be considered vulnerable. There are several hundred clients at risk on this server. As per our TOS all our clients agreed to we have the right to charge a fee of $250usd plus damages (downtime etc) to the account holders that installed an insecure script. We will not be charging this to you but we do ask that you grant us permission to remove the files and insecure database before we lift the suspension. We feel this is more than fair and reasonable.
Therefore purecarsound as it is is being taken offline. I can't b bothered to fix the holes in the PHPNuke as its a mixmatch of Oscommerce and PHPNuke. I am concentrating on the new site now. Just need someone to help transfer the SQL database data fm the old sites SQL to the new sites SQL database, urgently!

At the moment I have given my hosting company permission to remove the purecarsound current SQL database (they are creating a backup for me) and to remove the cms directory and all files in it. Will be like starting from scratch i suppose!

If we have any SQL experts on here then please pm me. I have copies of the old and the newsite's SQL databases hosted and need someone who can write a script and merge the old database into the new.

 

[Purecarsound]

The new Zen Cart system is now on the server and running.

www.purecarsound.co.uk

At the moment I am just configuring the basics of the site and putting any add-ons on that need to be installed.

I am still trying to find an SQL expert that knows how to port data across from one SQL to the other. (there are a few differences between the data sets of the old and new databases).

As soon as I've managed to get the products/manufacturers and categories infomation from the old database into the new one, the site will be live.

Unfortunately at the moment there is no way of purchasing with this new system without registering. Feel free to regsiter on there anyways! ZenCart have promised me that they are working on a new module that will allow people to purchase without registering.

Unlike the old shopping cart, this new one will allow the new add-ons from paypal for people to pay with credit cards without having to register a paypal account.

Let me know your thoughts on the new look site?

Thanks

Mark

 

[sonicred]

"Even still, we have a policy to not allow any sites to run that may be considered vulnerable"


what a stupid answer.. all site's are vulnerable.. so this hosting company will stop i guess..