All Corsa Forum banner

1 - 20 of 21 Posts

·
Registered
Joined
·
166 Posts
you just have to block r57shell.php..

if you don't do it .. you are gone.. that's how they get your sgl database..
 

·
Premium Member
Joined
·
15,222 Posts
Because they are sad little idiots who have nothing better to do???
 

·
Registered
Joined
·
130 Posts
Discussion Starter #9
To be honest its just a group of saddo's trying to prove they are good. They hacked 300 odd sites using sql injection queries in a security hole.. basically as soon as a member of a hacking group finds a hole they hit as many sites as they can to try and prove they are good. This is basically what people saw if they tried to go the http://cms.purecarsound.co.uk

 

·
Premium Member
Joined
·
15,222 Posts
Badgers.
 

·
Registered
Joined
·
130 Posts
Discussion Starter #11
The only problem I have is that the ex-colleague of mine who originally built and configured the current site to use php nuke and oscommerce merged, is out of contact with me (He's in South Africa) and I can't actually remember the exact version of phpnuke I am using and can't find the version listed anywhere in any of the .php files the site is built with! Does anyone know where to find the version I am using?
 

·
Registered
Joined
·
166 Posts
well.. it's always funny when kid scribby's are trying to show the world they can use zero-day exploit..

there are a lot of reason they do this..
1.. they wanna show you, that you have to update you system
2.. to become famouse(not really ,in the hack world)
3.. they didn't get any sex..
4.. they think they need to improve the world..
5.. wanna get a job at a security company(hahahahahahahahahahahah)
6.. spamming .. to get money out of it.


i think it's very n00b to use public 0-day exploits.. it show's ppl they can't find your own..
 

·
Registered
Joined
·
166 Posts
The only problem I have is that the ex-colleague of mine who originally built and configured the current site to use php nuke and oscommerce merged, is out of contact with me (He's in South Africa) and I can't actually remember the exact version of phpnuke I am using and can't find the version listed anywhere in any of the .php files the site is built with! Does anyone know where to find the version I am using?
http://www.karakas-online.de/forum/viewtopic.php?t=3574
 

·
Registered
Joined
·
166 Posts
lol i just google it.. haahah
 

·
Registered
Joined
·
130 Posts
Discussion Starter #18
More problems guys

More urgent help needed.

Received this from my hosts

The hackers got into the server's root. Purecars was the only account that had the files accessed directly. Even still, we have a policy to not allow any sites to run that may be considered vulnerable. There are several hundred clients at risk on this server. As per our TOS all our clients agreed to we have the right to charge a fee of $250usd plus damages (downtime etc) to the account holders that installed an insecure script. We will not be charging this to you but we do ask that you grant us permission to remove the files and insecure database before we lift the suspension. We feel this is more than fair and reasonable.
Therefore purecarsound as it is is being taken offline. I can't b bothered to fix the holes in the PHPNuke as its a mixmatch of Oscommerce and PHPNuke. I am concentrating on the new site now. Just need someone to help transfer the SQL database data fm the old sites SQL to the new sites SQL database, urgently!
At the moment I have given my hosting company permission to remove the purecarsound current SQL database (they are creating a backup for me) and to remove the cms directory and all files in it. Will be like starting from scratch i suppose!

If we have any SQL experts on here then please pm me. I have copies of the old and the newsite's SQL databases hosted and need someone who can write a script and merge the old database into the new.
 

·
Registered
Joined
·
130 Posts
Discussion Starter #19
The new Zen Cart system is now on the server and running.

www.purecarsound.co.uk

At the moment I am just configuring the basics of the site and putting any add-ons on that need to be installed.

I am still trying to find an SQL expert that knows how to port data across from one SQL to the other. (there are a few differences between the data sets of the old and new databases).

As soon as I've managed to get the products/manufacturers and categories infomation from the old database into the new one, the site will be live.

Unfortunately at the moment there is no way of purchasing with this new system without registering. Feel free to regsiter on there anyways! ZenCart have promised me that they are working on a new module that will allow people to purchase without registering.

Unlike the old shopping cart, this new one will allow the new add-ons from paypal for people to pay with credit cards without having to register a paypal account.

Let me know your thoughts on the new look site?

Thanks

Mark
 

·
Registered
Joined
·
166 Posts
"Even still, we have a policy to not allow any sites to run that may be considered vulnerable"


what a stupid answer.. all site's are vulnerable.. so this hosting company will stop i guess..
 
1 - 20 of 21 Posts
Top