1
Serap
My website has been hacked and I believe a mod from here did it
  • 2008/6/9 18:20

  • Serap

  • Just popping in

  • Posts: 28

  • Since: 2007/9/4 2


I don't know what to say except that I'm so sorry... I run a cancer support website. All the e-mail address has been ripped and apprx 15000 spam e-mail has been sent from my website, server company locked down my webspace, they just gave me an access today and all the patients went crazy, for some people this is the only place that they can talk...

I really don't understand the mentality of these people... I have strong guess abt the person who did it and I believe he's a moderator here

2
Anonymous
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 19:03

  • Anonymous

  • Posts: 0

  • Since:


Quote:
Serap wrote:

I have strong guess abt the person who did it and I believe he's a moderator here


I assume you're refering to me?

That's a pretty strong accusation to be making in public and I will be very upset if you're referring to me after I spent hours trying to help you a few evenings ago.

For the record and so everyone knows, I did see the details contained in your mainfile.php (db username, db password, etc) when we were trying to install protector on your site so yeah, I suppose I could have hacked your site.

However:
1. I don't know where your site is hosted
2. I don't know the hosting account username and password nor the FTP username
3. I'm not interested in hacking anyone's website and condemn those who do
4. I'm not clever enough to do what you describe, neither do I have the tools
5. I deleted your emails the same day that we were chatting; I no longer have your mainfile.php information

You've seen my website. Compare the contents of it and the nature of the organisation that I run it for. Is it in anyway comparable with the content of the spam emails?

Rather than make wild accousations, ask your ISP for the server access logs for week in which your site was hacked. Look for the IP address from where the hacking took place; look for someone uploading a file of some sort.

I'm on a fixed IP address: 78.151.193.176 - any of the admins on here can check my recent posts (like this one) and confirm this. Search your access logs for this IP address - you won't find it because I haven't visited your site except, perhaps on the day that we were trying to install protector because I was interested.

My IP address will have changed about a week ago when I rebooted my wireless router. However, if you put my IP address into ip-adress.com you'll see that it's based in Dudley, UK.

I'm really disappointed if your post was aimed at me. All I've ever done on here is try to help people.

I'm out of here. Goodbye.

3
Anonymous
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 19:19

  • Anonymous

  • Posts: 0

  • Since:


Serap,

I've offered my resignation as a Moderator here on x.o as a result of your accusation. I can't keep my position here if there are doubts as to my integrity.

Ask the admins and everyone else on here to help you get to the bottom of what happened to your site. Like I said, start with your site's access logs.

I can't believe that anyone on here would think me capable of hacking another xoopsers site; it's deeply disappointing after all the time I've spent on here helping folks.

That's it for me on here.

4
jobrazo
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 19:36

  • jobrazo

  • Just popping in

  • Posts: 46

  • Since: 2007/9/26


Here we go again
Everything was going well and now it starts again.
Can't we have a team to deal with does things?
So they can be looked at before accusations are trown into the forums.
True or not everybody deserves a trial before getting shot.

5
Serap
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:04

  • Serap

  • Just popping in

  • Posts: 28

  • Since: 2007/9/4 2


I did not give names. Of course everyone has to have a chance to defend themselves...

6
trabis
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:17

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


Quote:

Serap wrote:
I did not give names. Of course everyone has to have a chance to defend themselves...


If you have something to say just say it. This only demonstrate how unsure you are and being so, you should have not started this thread.

I would like now to ear an apologise to the moderators of this site or a real acusation.
Wouldn't we all?

7
Serap
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:22

  • Serap

  • Just popping in

  • Posts: 28

  • Since: 2007/9/4 2


I'm not 100% sure. As I said in the subject line and in my message I guessed it was somebody from here and as JAVesey wrote he has all the information since I sent him my mainfile.php with all the information in it by mistake... You make up your mind. I do not lie, this thing happened and you have all the facts. I'm not saying he did it, but I am giving you the facts.

8
Anonymous
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:27

  • Anonymous

  • Posts: 0

  • Since:


I've sent the following to Serap following a PM from him:

"Hi,

Rather than post as you have, you should have asked for help/advice in tracking down the source.

Please do as I ask and get the access logs for your server and look for someone uploading a file. You have my IP address, compare the two.

Have you found the file that was used to propagate the emails? If not, look in the /uploads folder.

Please, in the thread that you have started, post a list of the modules/versions that you use; most hackings take place via a vulnerable older module and others on the Forums will point out if one of them is suspect.

Ask yourself one question:
Why would I have spent hours trying to help you install Protector if I wanted to hack your site?

You're also deeply misunderstanding my ability to do the things you're accusing me of."

I'm not asking for folks on here to defend me - I can do that for myself. Rather, I'd prefer it if the good folks here on x.o would help Serap sort his site out and secure it a bit better. I'd prefer not to be involved for obvious reasons.

Like I said, I've offered my resignation as Forums Moderator. It seems like the right thing to do until my name is cleared.

9
McDonald
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:43

  • McDonald

  • Home away from home

  • Posts: 1072

  • Since: 2005/8/15


@Serap,

The chance that your website has been hacked by a XOOPS.org moderator is 0!

The chance that one of your modules contains vulnerabilities (and I guess it's eXtCal) is 100%!
You should upgrade to eXtCal 2.0.17 or higher.

Also other options are open to make it possible to hack your site.
Their's a group of turkish hackers who might have done this by the way. They are pretty active with hacking attempts.


@JAVesey,

Go back in your chair!

10
seolio
Re: My website has been hacked and I believe a mod from here did it
  • 2008/6/9 20:49

  • seolio

  • Not too shy to talk

  • Posts: 196

  • Since: 2005/11/2


Why accuse someone on here? Hackers are very smart people, I really do not think if Javesy was a hacker he would have seen your mainfile as an easy ride, therefore would have known it is too obvious to you that it was him.

I think it would have been a co-incidance and Javesy did not do it, he has helped me out before and is very helpful to everyone as far as I know, I don't think he is the hacking type!!!!

I also think if you are going to run such an important community you should be very careful about what you send to people and think twice before doing anything, I have learnt to do that from previous mistakes, then you will have no doubts about anyone who has blatantly done you a favour.

I think you need to think before you accuse people, just my opinion of course.

Login

Who's Online

219 user(s) are online (126 user(s) are browsing Support Forums)


Members: 0


Guests: 219


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits