Jump to content

Recommended Posts

Posted

I was just wondering how easy it would be for someone to hack into the system and do stuff. I have been receiving some threats.

I can't really answer that question but make sure you have a copy of your database and your site files just in case.

  • Moderators
Posted

I was just wondering how easy it would be for someone to hack into the system and do stuff. I have been receiving some threats.

I'm not sure, but it could good chances, but i'm not sure. BUT BE PREPARED! Back up your things, like the whole phpVMS you have and the database too. Be prepared! ;)

Posted

I'm not sure, but it could good chances, but i'm not sure. BUT BE PREPARED! Back up your things, like the whole phpVMS you have and the database too. Be prepared! ;)

I blocked his IP but that's a good idea to. Thanks guys!

Posted

Backing up files is always a good thing to do and do it often. You never know. Anything that is run on php is hackable no matter what you do. A script kiddie will always find a way in one way or the other. Just give them time.

As was stated, the best thing to do is just be prepared.In the forum world, we don't call them hackers. We call them script kiddies. they are the ones doing the damage to most websites. Mostly kids. A hacker hacks things together to make it work. ;)

Posted

Nabeel would be a fool to have released it without checking for common exploits, but there's always a way in somehow. Unless they've been reading source code for quite some time it'll be a while before they find anything.

Your best bet is to just not piss anyone off :lol:

  • Like 3
  • 4 weeks later...
Posted

Our site was hacked last week. At this time I am trying to contact our CEO to check if he had back ups of our database.

We would appreciate any help on what to do. Thanks in advance.

  • Moderators
Posted

Our site was hacked last week. At this time I am trying to contact our CEO to check if he had back ups of our database.

We would appreciate any help on what to do. Thanks in advance.

Really?. phpVMS is not hackable. I don't see anything worng with phpVMS.

  • Administrators
Posted

Our site was hacked last week. At this time I am trying to contact our CEO to check if he had back ups of our database.

We would appreciate any help on what to do. Thanks in advance.

If you have details and logs please PM them to me.

I don't know of any exploits as I do alot of filtering and assume everything comes in dirty. But there's always something new

Posted

If you have details and logs please PM them to me.

I don't know of any exploits as I do alot of filtering and assume everything comes in dirty. But there's always something new

Last friday one of our pilots called me and said that our site had been hacked. There was a note saying: "You have been hacked. You are weak"

I was out of town and came in last night. This morning I entered in our site and we have this note:

An Error Was Encountered

phpVMS has not been installed yet! Goto install/install.php to start!

Our CEO is also the webmaster and I contacted him to give me more details. As soon as I get them I will contact you.

Thanks for the attention.

Posted

Check your database to see if all the information is still there. If it is, back it up and reinstall and replace the database info

  • 3 years later...
  • Administrators
Posted

Yeah, unfortunately it's through a 3rd party library. I'm going to try to patch the exact location. phpVMS itself is pretty secure; I follow the thought of "trust no input", and combed through pretty diligently. I'll have another pass to see if I'm missing anything

Posted

my VMS was hacked overnight. A member got a momentary message as a replaced home screen, saying 'HACKED BY *******'. Then a few minutes later, no pages found. I have gone into my server this morning, and ALL pages are gone. Nothing exisits. It looks like someone executed a DELETE ALL cmd on the VMS.

Now given the rest of my 'normal' website is untouched, running on the same server, then I can confidently say, the access came via VMS. Luckily my server runs daily backups, so I can recover it, but you need to look at fixing the hole that seems to have been found by hackers

Posted

My homepage www.caalir.com has been changed also to some Chineese thing. I went into my files and also noticed that my index.php was missing. I put the index.php back and the site works ok now apart from the homepage. It works if i type www.caalair.com/index.php

Can anyone tell me how to restore my www.caalair.com page so that it goes to my site and not the other one.

Thanks

Posted

Hi,

Got the same thing just several minutes ago. Seulawah Virtual was hacked! The good thing is, a friend of mine, Rob Bindels do keep a backup.

Is it possible that they crack a password from websites?

  • Administrators
Posted
Got the same thing just several minutes ago. Seulawah Virtual was hacked! The good thing is, a friend of mine, Rob Bindels do keep a backup.

Is it possible that they crack a password from websites?

Everyone needs to realize that just replacing your site with a backup is leaving yourself wide open again, you must remove the file that is being used to exploit the site.

Assume that EVERYTHING is compromised, when a site is hacked it is normal procedure to reset every password that has anything to do with the site.

I am locking this post and referencing this one -> http://forum.phpvms....-chart-exploit/

Guest
This topic is now closed to further replies.
×
×
  • Create New...