Go Back   StriperSurf Forums > The Frat House > Computers, etc

Computers, etc Computers, Networking, Printers, Electronics, TV's, SAT Radio, iPods and why you too hate Microsoft.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 03-21-2012, 01:27 AM
Bob D'Amico's Avatar
Bob D'Amico Bob D'Amico is offline
Publisher, StriperSurf
Join Date: Sep 1998
Location: Franklin Park, NJ
Posts: 20,493
Default Freaking Hacker Info

Another website I manage, bringseanhome.org, was seriously hacked in February. It took me weeks of work to get back control and make sure it was clean.

Ever wonder what a "Trojan" looks like? Here is an image of two different types. The larger one was an "injection" (hack) into the MySQL database which runs the Simple Machines Forums software and the main site which is on a CMS platform. It only was attached to only +/-50 very important PHP files.

The smaller one is a Javascript Trojan was easier to find but it infected every single Javascript file, hundreds of them throughout the web site! We, meaning WestHost and yours truly are stumped how that was done but it happened on Feb 15th. We can't be sure but suspect the "perp" who injected the Trojan was from:
  • Belarus or
  • Germany or
  • India or
  • Russia or
  • Pakistan or
  • Ukraine
I think the scumbag is a Russian.

Of these two Trojans the first one was the most "evil," if I deleted an infected file, within seconds it would reappear! It took me days to track down and kill the "Queen" file which was hiding in a sub-directory, guarding her flock of infected files.

The most interesting thing is that no matter which scanning service I used, Google Webmaster Tools, and a few others, plus a software package on my PC called Beyond Compare, none of the infected files were flagged. This proved to me that although "automation" by software is great it's like the old adage that you need "Boots on the Ground" to win a war. In this war, replace boots with a Pair of Eyes, opening and skimming the code in thousands of files!

The reason why the Trojans are in a picture is that they are of course "live code." The Black stripes is in case you save the picture and then share it. Sooner or later some smart arse kid would see it and simply copy each character into a Javascript file, causing a

Before anyone asks, this site uses vBulletin Forums software which costs $$$$$$ while Simple Machines Forums software is free. You get what you pay for. On the plus side this attack taught me an important lesson, no matter how secure we may think our websites, networks and PC's may be the bastards are constantly attacking.
Attached Images
Bob D'Amico

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Any info on Naples Fla KevinK MAIN FORUM 7 12-12-2007 07:39 PM
Tackle Shops, Info true or false tattoobob Ask Frank Daignault 24 02-28-2006 01:10 PM
IBSP general surf info for through out the season please? jjdbike MAIN FORUM 14 02-07-2006 05:22 AM
plug info in your book/s crusty Ask Frank Daignault 20 12-10-2005 02:25 PM

All times are GMT -4. The time now is 01:40 AM.

Powered by vBulletin® Version 3.6.6
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright 1998 - 2016 StriperSurf.com, All Rights Reserved