Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 09:30 pm EST
Geeklog Forums
I've Been Hacked! Need Help Please!!
DAMMIT
Anonymous
Hello,
My Geeklog install has been hacked and I'm scrambling to fix things...
some butthole hacked into geeklog and installed the fake ebay and paypal pages into the backend/.dat/... folders.
I changed the permissions to 644 for the whole backend folder as I was not able to simply delete the files they had installed. This has taken down the pages for now, but I see also now that the permissions of the logs has been changed to 777 - what can I safely change this to?
I would like to save the logs to pass along to paypal/ebay so that they can go after these bastards and would like for the logs to continue logging things that they are supposed to! I'm guessing that the log file permissions had been changed so that they could cover their tracks.
Any help is greatly appreciated!!!
Best,
j
My Geeklog install has been hacked and I'm scrambling to fix things...
some butthole hacked into geeklog and installed the fake ebay and paypal pages into the backend/.dat/... folders.
I changed the permissions to 644 for the whole backend folder as I was not able to simply delete the files they had installed. This has taken down the pages for now, but I see also now that the permissions of the logs has been changed to 777 - what can I safely change this to?
I would like to save the logs to pass along to paypal/ebay so that they can go after these bastards and would like for the logs to continue logging things that they are supposed to! I'm guessing that the log file permissions had been changed so that they could cover their tracks.
Any help is greatly appreciated!!!
Best,
j
5
7
Quote
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
Slow down. There is no .dat folder normally in /backend/ so what they did was upload the whole directory. Move it outside your webroot or just delete it.
Logs files will not have any logs of them uploading stuff. They only log stuff that Geeklog does normally. I doubt your hackers added entries in the logs to tell you what they did.
Finally, what version of Geeklog are you running? What plugins are installed? What other software are you running? If you are on the latest Geeklog, there are no known exploits for it currently.
Logs files will not have any logs of them uploading stuff. They only log stuff that Geeklog does normally. I doubt your hackers added entries in the logs to tell you what they did.
Finally, what version of Geeklog are you running? What plugins are installed? What other software are you running? If you are on the latest Geeklog, there are no known exploits for it currently.
7
6
Quote
All times are EST. The time is now 09:30 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content