1092 posts
    Has referred 100+ members Has sold $75,000+ on Envato Market and is now an Elite Author Has collected 10+ items on Envato Market Located in Netherlands
+7 more
Reconcept says

Hi guys,

I just found out that my site was hacked. All they did was replace the index.php file with a new one which can be found here: http://www.jurgenvisser.nl/turken.php

Anyone know how they may have done this? I don’t know shit about hacking, I’m glad they’ve been ‘friendly’ but it’s kind of scary that they may know my password (which by the way I just changed).

Thanks

2201 posts
    Has been part of the Envato Community for over 5 years Has sold $1,000+ on Envato Market Had an item featured in an Envato Bundle Has collected 1+ items on Envato Market
+4 more
ArikB says

Hacking is the process of finding exploits in a website. Exploits can be found in data entry fields, hidden files, unlocked directories etc.

I think that knowledge of hacking is generally knowledge of internet security. I am not a programmer (trying to be though) nor a web developer, but you had a security leak somewhere.

499 posts
    Has referred 1+ members Has sold $1,000+ on Envato Market Has collected 10+ items on Envato Market Located in Canada
+2 more
TutelageSystems says

Check to see if your Web Server (Apache / IIS ) has the PUT option on. This was a huge problem with IIS 5 (it was on by default). If this option is on it allows anyone who can connect (everyone) and knows some HTTP request to upload / alter any page on your site.

Best thing to do is to check that first, change your username / passwords (even for your databases if you use them).

I would check there first then move on to the other area’s (such as your password for FTP )

1173 posts
    Has been part of the Envato Community for over 5 years Located in Australia Has sold $10,000+ on Envato Market Has been a beta tester for an Envato feature
+3 more
Motionreactor says

You probably have a php script somewhere with very poor implemented security measures.

28 posts
    Has sold $1+ on Envato Market Has collected 10+ items on Envato Market Has been part of the Envato Community for over 4 years Located in Hong Kong
+1 more
theJae says

lol that’s called ‘defaced’ and not hack. While it’s less harmless than being hacked, it should be handled with priority. Either you have a vulnerable PHP script – do you operate any blog, contact forms or whatever php script that include form handling? even something as innocent as a search bar might be the source. OR your web server has not been patched with the latest updates and your host might have left some holes opened.

My suggestion, contact your host immediately. They should have the skills to identify what was exploited to allow defacing.

And don’t worry. Your passwords and credit cards data are still safe. Provided you aren’t storing those sensitive information in a plain text file in your web space. Defacing are usually committed for fun. In common underground vocabulary for your situation, one could say pwned!!!!11.

63 posts
    Has been part of the Envato Community for over 4 years Has referred 1+ members Has been a beta tester for an Envato feature Has collected 10+ items on Envato Market
+2 more
1Wolf1 says

It might be a good idea to put back a backup of your entire site. That way you are sure they didn;t write any additional code in some files which leaves them a new door after you went through the current files to close the door they came in through. As Motionreactor said. There might be a script with bad security.

2201 posts
    Has been part of the Envato Community for over 5 years Has sold $1,000+ on Envato Market Had an item featured in an Envato Bundle Has collected 1+ items on Envato Market
+4 more
ArikB says
Defacing are usually committed for fun. In common underground vocabulary for your situation, one could say pwned!!!!11.

And then when asked why, would simply reply: I did it for teh lulz

28 posts
    Has sold $1+ on Envato Market Has collected 10+ items on Envato Market Has been part of the Envato Community for over 4 years Located in Hong Kong
+1 more
theJae says
Defacing are usually committed for fun. In common underground vocabulary for your situation, one could say pwned!!!!11.
And then when asked why, would simply reply: I did it for teh lulz

And others would be mesmerized by your skill and would reply: br0 u r teh l33t!!!1

32 posts
    Has been part of the Envato Community for over 5 years Has sold $10,000+ on Envato Market Had an item featured in an Envato Bundle Has collected 10+ items on Envato Market
+3 more
Avalonweb says

Script kiddies at work ;-)

499 posts
    Has referred 1+ members Has sold $1,000+ on Envato Market Has collected 10+ items on Envato Market Located in Canada
+2 more
TutelageSystems says

Yeah I did a quick check to see if OPTION * where enabled and from my point they don’t seem to be enabled (which is good).

So verify your password, (change it to something stronger), and ask your ISP to check to logs to see who logged in or who updated the index.php page (Even an IP Address is enough… well unless they hid themselves but thats another issue).

by
by
by
by
by
by