[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Fwd: hi, need help

From: "Mike Fratto" <mfratto@xxxxxxxxx>
Subject: Re: [WEB SECURITY] Fwd: hi, need help
Date: Thu, 13 Nov 2008 14:20:37 -0500

Snarky comments aside, Dhiraj, there isn't much information to work
from. Do you one the computer or are you on a shared host? What
software are you using like word press, Drupal, or something you
wrote? Can you update the server or web application software? Did they
steal your password? No body knows.

Here are some thoughts on next steps.

Take the site off-line by disconnecting it from the network if you
can, turning off all services like HTTP, FTP, etc, if you can't can't
take if off the network, or if you are on a shared host, remove your
web application entirely (archive it, save it) and replace it with
just a plain HTML page.

I am going to assume that if you are using a web app like WordPress or
Drupal, you can try, if you have the skills, to figure out what
happened by pouring over the source.  Or to get your site back up,
reinstall your web application and patch it up to the most current
version. Be sure to read any security bulletins. Then restore your
data.

If you wrote the code that runs your app in something like PHP or
ruby, well, you will have to figure out what broke and then fix it. I
would suggest you trot on over to OWASP and do some reading, in any
event. http://www.owasp.org/index.php/Category:How_To

mike

On Thu, Nov 13, 2008 at 3:52 AM, Dhiraj Mahajan
<dhirajsmahajan@xxxxxxxxx> wrote:
> some hacker has hacked my website. (displaying hacked by turkish
> hacker), now wht shld i do to retrieve my
> original website. so please guide me how to get rid of tht
>
> --
>
>
> Thanks & Regards,
>
>
> Dhiraj S Mahajan,
>
>
>
> --
>
>
> Thanks & Regards,
>
>
> Dhiraj S Mahajan,
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

Follow-Ups:
- Re: [WEB SECURITY] Fwd: hi, need help
  - From: Guillaume Vissian

References:
- [WEB SECURITY] Fwd: hi, need help
  - From: Dhiraj Mahajan

Prev by Date: Re: [WEB SECURITY] thoughts on two-factor web authentication?
Next by Date: [WEB SECURITY] Malicious Code time-line 1980-2008
Previous by thread: Re: [WEB SECURITY] Fwd: hi, need help
Next by thread: Re: [WEB SECURITY] Fwd: hi, need help
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site