Server Gotcha by Hacker
Paul Ooi, June 29th, 2006trackback | RSS 2.0
This morning when I access to www.paulooi.com. I saw the picture shown above, I access to all the website I hosted, also the same page coming out. Except Mel’s blog. Then I only found out some very high skills hacker inject index.html into every hosted folder. The files “index.html” started to inject since this morning 7am.
Am still checking how was the file got injected into all the folders. Thanks Mr Hacker.
Beside that, Hey! I am on zone-h list 
and I think Mr Forever is from 85.96.125.3
The Caused
Some of the customer didn’t patch the Mambo/Joomlah to latest version. Please do so please please please, patch your Mambo/Joomlah/Wordpress. If you require me to patch for you, let me know!
June 29th, 2006 at 10:51
How do you solve the problem? Why kena hack?
June 29th, 2006 at 10:54
Remove index.html and waiting the hacker respond in this comment why kena hack
June 29th, 2006 at 11:24
eh paul, still dunno where the cause ar?
June 29th, 2006 at 12:40
mambo
June 29th, 2006 at 14:19
paul, mod_security can help you from this kind of attack even you didnt patch the application. at least it give you another level of protection
June 29th, 2006 at 19:04
i read about this potential risk last week and there was not patch at that time… gosh. i better go find mod_security now… thanks.
June 29th, 2006 at 19:16
mod_security doesn’t help much, it will show you which site got compromise and affect others. Better patch your Mambo/Joomlah Sam
June 30th, 2006 at 05:04
tell Danny this, because he asked us to tell you.
June 30th, 2006 at 07:10
is this an advertisement for yyps ?
June 30th, 2006 at 08:50
tell Danny this, he asked you to tell me? …
June 30th, 2006 at 12:38
jerrywho, i not understand! what do you mean by “tell Danny this, because he asked us to tell you. ”
i think i very long long long time never talk to you. and i talk to paul everyday. please don’t simply use my name. thanks
June 30th, 2006 at 12:40
ya.. we chat everyday… by the way what is “tell Danny this, because he asked us to tell you” means..?
June 30th, 2006 at 12:44
“tell Danny this, because he asked us to tell you” = 火星语?
June 30th, 2006 at 13:32
hahaha “tell Danny this, because he asked us to tell you” = 火星语?
i’m not from 火星 so i cant understand
June 30th, 2006 at 19:51
well, tell Lai tell Qu no use one. The bottom line is no one patched…
I remember sending people a link about the file injection vulnerability a week ago (forgot when exactly been travelling a lot). Still everyone kena. tell…
July 1st, 2006 at 02:24
duh??? what u guys talking bout??? who tell who what about what?
July 1st, 2006 at 06:39
it didnt tell..it stop it paul.. go read!
July 1st, 2006 at 22:15
Dude, mod_security does give you protection instead of logging capabilities only, you will have to learn how to write the filtering, go play with it.
mod_security == application firewall in that sense.
July 1st, 2006 at 22:35
‘tell’ing …. great hack-graphics…
July 1st, 2006 at 23:08
Life is a box of chocolate… it gets us confused sometimes. hahaha…
July 2nd, 2006 at 18:10
hahaha… danny! so, you are really god… cannot use your name in vain.
July 6th, 2006 at 13:54
It’s all Max’s fault.
He is taking revenge because you make him work at THAT company.
July 6th, 2006 at 14:41
when r u taking revenge on me because I made you what at THAT company too