November 12th, 2002, 12:05 PM
HELP, we're hacked
pls. go here http://digidogstudios.com/
can u see it, it was defaced, i deleted the index.php, index.html and still i can see that page. im not hosting this site, we're just hosted it on a webhost and still they cant figure it out so i want to help them cuz we are the one who will gain if it was fixed. hope somebody will help us. thanks.
November 14th, 2002, 10:16 AM
Well, it was fixed, apparently.
What happened? If you or your host can't answer that question, you better start working hard to figure it out, otherwise you're living on borrowed time- you WILL get hacked again.
November 14th, 2002, 10:50 AM
btw, thanks for this reply, it was fixed, i will tell you how it was done. in my main.php, there is an include file <? include ("file.php"); ?> then the hacker overwrote that file ("file.php") and upload it to the server that's why it was defaced cuz that file contaains some crap HTML's. My question i got in my mind is how the hacker upload his own version of file.php and overwrote the file of ours there. thanks again
November 14th, 2002, 11:47 AM
i looked into your html source code some days ago. the hacker left an email address for your admin to ask him how he did that if he canīt find out himself... did you / he try?
November 14th, 2002, 12:53 PM
If you don't know how it was overwritten, then you are doomed to be hacked again.
Examine your web server log files carefully- assuming this was a remote attack and the cracker didn't blow away the logs, you should have a pretty clear record of what happened there.