Paul Ooi

Server Gotcha by Hacker

Written by

Paul Ooi

in

This morning when I access to www.paulooi.com. I saw the picture shown above, I access to all the website I hosted, also the same page coming out. Except Mel’s blog. Then I only found out some very high skills hacker inject index.html into every hosted folder. The files “index.html” started to inject since this morning 7am.

Am still checking how was the file got injected into all the folders. Thanks Mr Hacker.

Beside that, Hey! I am on zone-h list 🙂 and I think Mr Forever is from 85.96.125.3

The Caused
Some of the customer didn’t patch the Mambo/Joomlah to latest version. Please do so please please please, patch your Mambo/Joomlah/Wordpress. If you require me to patch for you, let me know!

Comments

23 responses to “Server Gotcha by Hacker”

  1. Planet Malaysia Avatar
    Planet Malaysia

    How do you solve the problem? Why kena hack? 😛

  2. Paul Ooi Avatar
    Paul Ooi

    Remove index.html and waiting the hacker respond in this comment why kena hack 😛

  3. SoGua Avatar
    SoGua

    eh paul, still dunno where the cause ar?

  4. Paul Ooi Avatar
    Paul Ooi

    mambo

  5. farking Avatar
    farking

    paul, mod_security can help you from this kind of attack even you didnt patch the application. at least it give you another level of protection 🙂

  6. sam Avatar
    sam

    i read about this potential risk last week and there was not patch at that time… gosh. i better go find mod_security now… thanks.

  7. Paul Ooi Avatar
    Paul Ooi

    mod_security doesn’t help much, it will show you which site got compromise and affect others. Better patch your Mambo/Joomlah Sam 😛

  8. JerryWho Avatar
    JerryWho

    tell Danny this, because he asked us to tell you.

  9. 矮子 Avatar
    矮子

    is this an advertisement for yyps ?

  10. Paul Ooi Avatar
    Paul Ooi

    tell Danny this, he asked you to tell me? …

  11. 星空の語 Avatar
    星空の語

    jerrywho, i not understand! what do you mean by “tell Danny this, because he asked us to tell you. ”

    i think i very long long long time never talk to you. and i talk to paul everyday. please don’t simply use my name. thanks

  12. Paul Ooi Avatar
    Paul Ooi

    ya.. we chat everyday… by the way what is “tell Danny this, because he asked us to tell you” means..?

  13. dino Avatar
    dino

    “tell Danny this, because he asked us to tell you” = 火星语?

  14. SoGua Avatar
    SoGua

    hahaha “tell Danny this, because he asked us to tell you” = 火星语?
    i’m not from 火星 so i cant understand

  15. sam Avatar
    sam

    well, tell Lai tell Qu no use one. The bottom line is no one patched…

    I remember sending people a link about the file injection vulnerability a week ago (forgot when exactly been travelling a lot). Still everyone kena. tell…

  16. mike Avatar
    mike

    duh??? what u guys talking bout??? who tell who what about what?

  17. farking Avatar
    farking

    it didnt tell..it stop it paul.. go read!

  18. geek00L Avatar
    geek00L

    Dude, mod_security does give you protection instead of logging capabilities only, you will have to learn how to write the filtering, go play with it.

    mod_security == application firewall in that sense.

  19. langkasuka Avatar
    langkasuka

    ‘tell’ing …. great hack-graphics…

  20. sam Avatar
    sam

    Life is a box of chocolate… it gets us confused sometimes. hahaha…

  21. JerryWho Avatar
    JerryWho

    hahaha… danny! so, you are really god… cannot use your name in vain.

  22. Andrew Avatar
    Andrew

    It’s all Max’s fault.

    He is taking revenge because you make him work at THAT company.

  23. Paul Ooi Avatar
    Paul Ooi

    when r u taking revenge on me because I made you what at THAT company too

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts