Server Gotcha by Hacker

This morning when I access to I saw the picture shown above, I access to all the website I hosted, also the same page coming out. Except Mel’s blog. Then I only found out some very high skills hacker inject index.html into every hosted folder. The files “index.html” started to inject since this morning 7am.

Am still checking how was the file got injected into all the folders. Thanks Mr Hacker.

Beside that, Hey! I am on zone-h list ๐Ÿ™‚ and I think Mr Forever is from

The Caused
Some of the customer didn’t patch the Mambo/Joomlah to latest version. Please do so please please please, patch your Mambo/Joomlah/Wordpress. If you require me to patch for you, let me know!

Categorized as Work


  1. paul, mod_security can help you from this kind of attack even you didnt patch the application. at least it give you another level of protection ๐Ÿ™‚

  2. i read about this potential risk last week and there was not patch at that time… gosh. i better go find mod_security now… thanks.

  3. hahaha โ€œtell Danny this, because he asked us to tell youโ€ = ็ซๆ˜Ÿ่ฏญ?
    i’m not from ็ซๆ˜Ÿ so i cant understand

  4. well, tell Lai tell Qu no use one. The bottom line is no one patched…

    I remember sending people a link about the file injection vulnerability a week ago (forgot when exactly been travelling a lot). Still everyone kena. tell…

  5. Dude, mod_security does give you protection instead of logging capabilities only, you will have to learn how to write the filtering, go play with it.

    mod_security == application firewall in that sense.

Leave a comment

Your email address will not be published. Required fields are marked *