Bennyh789 Posted October 2, 2011 Share Posted October 2, 2011 Hi all, Im in desperate need for your help My website was hacked and whenever I type in my web address It automatically goes to; http://k-k-k.com/ Please note I am NOT racist in anyway I just need your help How would I get my game back to normal? Thanks Ben Quote Link to comment Share on other sites More sharing options...
DreamCoder Posted October 2, 2011 Share Posted October 2, 2011 Contact ur providers tell them the issue? Quote Link to comment Share on other sites More sharing options...
chicka Posted October 2, 2011 Share Posted October 2, 2011 Go through your users table somewhere around the time this has been happening. Probably an sql injection redirecting users to an other site.. Happened to me once :( Learned security since and so far so good Quote Link to comment Share on other sites More sharing options...
Neon Posted October 2, 2011 Share Posted October 2, 2011 It could be a million different things. One quick way is to download your raw access logs and begin looking. If you don't know what your looking for, then send em to me and I'll take a look. Or your FTP pass could of been jacked from the millions of viruses programmed to do just that. Then some malicious files were uploaded. 1) Change your passwords. 2) Check the "last modified" date on all your files on your server 3) Download and view the FTP & Access logs Depending if we find the cause, your scripts may need securing. Quote Link to comment Share on other sites More sharing options...
Bennyh789 Posted October 2, 2011 Author Share Posted October 2, 2011 I've found the user that Done the SQL injection but surely deleting him wont solve the problem Quote Link to comment Share on other sites More sharing options...
Bennyh789 Posted October 2, 2011 Author Share Posted October 2, 2011 If I upload all of the files again before they were hacked will that solve the proble ? Quote Link to comment Share on other sites More sharing options...
Neon Posted October 3, 2011 Share Posted October 3, 2011 Re-uploading the files will not a help an SQL injection at all. Someone exploited one of your queries because you did not properly cleanse a variable. Never trust the user input. You must strip tags, replace entities and add slashes. If you get me those access logs, I'll find where he "performed" this SQL attack and tell you what you need to patch or secure more. Quote Link to comment Share on other sites More sharing options...
extra Posted October 3, 2011 Share Posted October 3, 2011 Odd, I went to danny's site a week ago too and one of his links went to that website. Quote Link to comment Share on other sites More sharing options...
H4x0r666 Posted October 3, 2011 Share Posted October 3, 2011 (edited) someone changed some settings or just an file you used.. to this; <meta http-equiv="refresh" content="0;URL=http://k-k-k.com/"> if you use this code somewhere in your source.. when you visit that page where the script is used.. you will immediatly be sended to the url is used.. if i was you , i would use a back up of your website and replace the infected files.. and if you cant.. then download your source and use an search program to find these keys/codes then you will solve it :D so good luck Edited October 3, 2011 by H4x0r666 Quote Link to comment Share on other sites More sharing options...
Bennyh789 Posted October 3, 2011 Author Share Posted October 3, 2011 (edited) FIXED IT Thanks for your help guys Ben Edited October 3, 2011 by Bennyh789 fixed Quote Link to comment Share on other sites More sharing options...
Lithium Posted October 3, 2011 Share Posted October 3, 2011 raw logs show nothing, and sorry to say but that is your own fault! Those issues are being discussed for a few years, and a few ways to fix them are widely spread around here.p You need help? Sure, someone might give you some help, but you need to open your wallet if you don't know how to do it. And an advice... There are only a couple of people around here who might do the trick effectively. Quote Link to comment Share on other sites More sharing options...
Neon Posted October 3, 2011 Share Posted October 3, 2011 Those can't be the true access logs. They were just from October 3rd, and most were the cron jobs running. The only non cron-job was a login.php hit. So, not much help. Unless your security on the login.php page is poor. However, seems you got it. Hope it doesn't happen again. Best of luck. Quote Link to comment Share on other sites More sharing options...
lucky3809 Posted October 17, 2011 Share Posted October 17, 2011 need better security, also don't make your files rewritable by your users change the permissions. That is how your game got hacked by someone your files are not secured enough. Quote Link to comment Share on other sites More sharing options...
lucky3809 Posted October 17, 2011 Share Posted October 17, 2011 New day and age the internet has became a source for everything. Doesn't take a rocket scientist to know how hacking is done. I have also fixed someones game before that had the same thing happen to them. Which was a permission fix, and a few security fixes. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.