♥geoffreywalton Posted November 1, 2010 Share Posted November 1, 2010 (edited) Here is another string that needs to be put into the Hacker Code box when you set up this contribution. 'Meher Assel' He has a nice line of adding index.html to your root directory. Sample of his code is below. <html> <head> <meta http-equiv="Content-Language" content="fr"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Pwn3d By Meher Assel [- NET~OWN3R -]</title> </head> <body bgcolor="#000000"> <span style="height: 30px;"><b> <p align="center"><span> <img src="http://img651.imageshack.us/img651/9443/netown3r.png" border="0"></span><span style="font-weight: 400;"><font face="Terminal" size="4">[</font></span></p> <p align="center"><span style="font-weight: 400;"> <font face="Terminal" size="4"><font color="#ff0000">! </font> <font color="#808080">Your B0x 0wn3d</font> <font color="#ff0000">!</font></font></span></p> <p align="center"><span><font color="#0000FF" size="2">--</font></span></p> <p align="center"><font color="#ffffff" face="Courier New" size="4"># id;whoami</font></p> <p align="center"><font color="#ffffff" size="2">uid=0(root) gid=0(root) groups=0(root),1(bin),2 (daemon),3(sys),4(adm),6(disk),10(wheel) <br> root </font></p> <p align="center"><font color="#0000FF" size="2">--</font></p> <p align="center"><font color="#666666" face="courier new">Your Server is not secure !!</font></p> <p align="center"><span><font color="#0000FF" size="2">--</font></span></p> </b> <p align="center"><font color="#ff0000" face="Copperplate Gothic Bold" size="4"> # Hacked By Meher Assel</font></p> <span> <p dir="ltr" style="margin: 15px 13px 0px;" align="center"> <font face="SimSun-ExtB" size="4" color="#FF0000"># NET-OWN3R </font></p> </span><b><span style="font-weight: 400;"> <p align="center"><font face="Terminal" size="2" color="#666666">Work Alone & Die Alone </font></p> </span><span style="font-weight: 400;"></span> <p align="center"><font color="#ff0000" size="2">To Contact:</font><font color="#808080" size="2"> [email protected] </font><font size="2" color="#FF0000">or</font><font color="#808080" size="2"> [email protected]</font></p> <p align="center"><span><font color="#0000FF" size="2">--</font></span></p> <p dir="ltr" style="margin: 15px 13px 0px;" align="center"> <font color="#ffffff"><font color="#99cc00" face="Arial Narrow" size="4">{</font><font color="#cc0000" face="Arial Narrow" size="4"> Gr33tz</font><font color="#ff0000" face="Arial Narrow" size="4"> </font> <font color="#99cc00" face="Arial Narrow" size="4">}</font></font></p> <p dir="ltr" style="margin: 15px 13px 0px;" align="center"> <font color="#99cc00" face="Book Antiqua" size="4">Tn-SnIpErS</font><span><font color="#99cc00" face="Book Antiqua" size="4"> - Zone-H</font></span><font color="#99cc00" face="Book Antiqua" size="4"> - Tunisia People - All My Friends</font></p> <p dir="ltr" style="margin: 15px 13px 0px;" align="center"><span> <font color="#0000FF" size="2">--</font></span></p> <p dir="ltr" style="margin: 15px 13px 0px;" align="center"><u> <font color="#FFFFFF">WWW.TUNISIA-SEC.COM</font></u></p> </b></span> </body> </html> HTH someone. G Edited November 1, 2010 by geoffreywalton Quote Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 1, 2010 Share Posted November 1, 2010 "Meher Assel" has been a busy little boy! Did you google that name? I just did! Quote Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted November 1, 2010 Share Posted November 1, 2010 It seems he is hacking sites and offering to fix the problem for a price or am I misunderstanding something? G Quote Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 1, 2010 Author Share Posted November 1, 2010 Here is another string that needs to be put into the Hacker Code box when you set up this contribution. 'Meher Assel' He has a nice line of adding index.html to your root directory. Thanks for posting that Geoffrey. I've seen something similar many times lately but by different hackers. I've added some common words they use, at least the ones I've seen, to the next version that will hopefully identify them. Of course, it won't hurt to put in individual names either. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 2, 2010 Share Posted November 2, 2010 It seems he is hacking sites and offering to fix the problem for a price or am I misunderstanding something? G Well I didn't follow any of the links to "victims" sites after the 1st one came up immediately with an attack site warning. Interesting that Facebook allows them to have little corners on that to show their trophies etc. Sometimes I wonder if it's just a sport for them, but no doubt there's chance of gain for the little oicks. Quote Link to comment Share on other sites More sharing options...
Kerrigan Posted November 3, 2010 Share Posted November 3, 2010 Ok, I'm at a loss. I've looked through and searched through this thread many times. There have been many people with similar problems to mine, but I can't seem to figure out what the problem is. I keep getting the, "Your username is invalid. Please change it and try again" problem. I've tried my hosting username and password as well as my admin username and password and neither work. Can someone please help me? Thanks... Quote Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 3, 2010 Share Posted November 3, 2010 (edited) There is a small edit required, it's mentioned here somewhere. That is if you get the logged in as c problem. Edited November 3, 2010 by Wayne Weedon Quote Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 3, 2010 Share Posted November 3, 2010 If it is the User "c" issue, then try this it worked for me. Quote Link to comment Share on other sites More sharing options...
♥mdtaylorlrim Posted November 3, 2010 Share Posted November 3, 2010 Ok, I'm at a loss. I've looked through and searched through this thread many times. There have been many people with similar problems to mine, but I can't seem to figure out what the problem is. I keep getting the, "Your username is invalid. Please change it and try again" problem. I've tried my hosting username and password as well as my admin username and password and neither work. Can someone please help me? Thanks... I have NOTHING in username and password fields and my Site Monitor works fine. Maybe it's an old version and the newer versions requires it...don't know. Quote Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...? Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 3, 2010 Share Posted November 3, 2010 Mine is the v2.6 version, and indeed when I first installed it the username in admin changed from the real username to "c" when the Sitemonitor tab was selected. The patch/edit I mention above is this. " It's changing because the code in SiteMonitor uses a name that is used by the code to display the login name. To fix that, please make this change: In sitemonitor_configure_setup.php, find this code $admin = trim(DIR_WS_ADMIN, "/"); $switch['exclude_list'] = ((! strstr($list, $admin)) ? "'" . $admin . "', " : ''); and replace it with $adminSM = trim(DIR_WS_ADMIN, "/"); $switch['exclude_list'] = ((! strstr($list, $adminSM)) ? "'" . $adminSM . "', " : ''); " Wayne.... Quote Link to comment Share on other sites More sharing options...
tschmid Posted November 3, 2010 Share Posted November 3, 2010 The shop root is the directory where your shop is located at. In your case it is the subdirectory you mention. The start directory is where the search will start. Any file below it will be checked, unless the settings tell it not to. The startdirectory is the local provider-path ... ist this right? In this case my Site-Manager configuration would not be the Problem. The Hacker-excludes seems to work as well as the log-files, but the sitemonitor_reference.php doesn´t change its size. I don,t know what is going wrong. Quote Link to comment Share on other sites More sharing options...
Kerrigan Posted November 3, 2010 Share Posted November 3, 2010 Mine is the v2.6 version, and indeed when I first installed it the username in admin changed from the real username to "c" when the Sitemonitor tab was selected. The patch/edit I mention above is this. " It's changing because the code in SiteMonitor uses a name that is used by the code to display the login name. To fix that, please make this change: In sitemonitor_configure_setup.php, find this code $admin = trim(DIR_WS_ADMIN, "/"); $switch['exclude_list'] = ((! strstr($list, $admin)) ? "'" . $admin . "', " : ''); and replace it with $adminSM = trim(DIR_WS_ADMIN, "/"); $switch['exclude_list'] = ((! strstr($list, $adminSM)) ? "'" . $adminSM . "', " : ''); " Wayne.... Thanks Wayne. I'm in version 2.6 as well. Actually, I am logged in a "s" and not "c". Would this fix work for that as well? Quote Link to comment Share on other sites More sharing options...
Wayne Weedon Posted November 3, 2010 Share Posted November 3, 2010 (edited) Thanks Wayne. I'm in version 2.6 as well. Actually, I am logged in a "s" and not "c". Would this fix work for that as well? Its the authors patch so I guess so. Just make a backup of the file before you edit anything. That equally applies to all code edits of course. Once you get it running sitemonitor is a great add-on. Helps with the peace of mind a bit.. I have mine run as a cron job and it emails me several times a day to keep me updated. Edited November 3, 2010 by Wayne Weedon Quote Link to comment Share on other sites More sharing options...
Kerrigan Posted November 3, 2010 Share Posted November 3, 2010 Its the authors patch so I guess so. Just make a backup of the file before you edit anything. That equally applies to all code edits of course. Once you get it running sitemonitor is a great add-on. Helps with the peace of mind a bit.. I have mine run as a cron job and it emails me several times a day to keep me updated. Thanks Wayne. That seemed to fix the logged in as "s" part, but I'm still getting the same error of "Your username is invalid. Please change it and try again." Any other thoughts as to why this keeps happening? Quote Link to comment Share on other sites More sharing options...
Kerrigan Posted November 5, 2010 Share Posted November 5, 2010 Thanks Wayne. That seemed to fix the logged in as "s" part, but I'm still getting the same error of "Your username is invalid. Please change it and try again." Any other thoughts as to why this keeps happening? Can anyone help me at all? Quote Link to comment Share on other sites More sharing options...
lextech Posted November 5, 2010 Share Posted November 5, 2010 Can anyone help me at all? I am getting it as well. Quote RC2.2a Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 5, 2010 Author Share Posted November 5, 2010 Can anyone help me at all? Troubleshooting for this has been gone over several times in this thread. You should run through those steps to determine the problem. It is many times, from what I've seen, that the update button isn't clicked on the configure page. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
witer Posted November 7, 2010 Share Posted November 7, 2010 Hi All, Could you help me zith something... I instaled the newest version of this nice contribution and when I trying to enter to config via admin than I got this massage Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxxxx/domains/xxxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 382 eny idea what is wrong... Thanks for your support Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 7, 2010 Author Share Posted November 7, 2010 Hi All, Could you help me zith something... I instaled the newest version of this nice contribution and when I trying to enter to config via admin than I got this massage Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxxxx/domains/xxxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 382 eny idea what is wrong... Thanks for your support It is probably because you are trying to monitor too many files and your server is timing out. You'll need to edit the sitemonitor_configure.php file manually to remove some of the checking until it works. Then you can use the admin section to add them back in until you reach a point at which it will work and still check most of the files. Try adding admin, includes and images first since that is where most of the files are. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
witer Posted November 7, 2010 Share Posted November 7, 2010 It is probably because you are trying to monitor too many files and your server is timing out. You'll need to edit the sitemonitor_configure.php file manually to remove some of the checking until it works. Then you can use the admin section to add them back in until you reach a point at which it will work and still check most of the files. Try adding admin, includes and images first since that is where most of the files are. Hi, Thanks for your answer... Well, I set the parameter $excludeList = array('admin/quarantine', 'cgi-bin','admin', 'blog','allegro','cache','ext','googlesitemaps','help','images','includes','rotator','sizefolder','tmp'); so here are the all folders list... This parameter shows directories list which will not be checked. Correct...? so only files left in the root and I have still the same issue... Any idea? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 7, 2010 Author Share Posted November 7, 2010 (edited) Well, I set the parameter $excludeList = array('admin/quarantine', 'cgi-bin','admin', 'blog','allegro','cache','ext','googlesitemaps','help','images','includes','rotator','sizefolder','tmp'); so here are the all folders list... This parameter shows directories list which will not be checked. Correct...? so only files left in the root and I have still the same issue... Any idea? Assuming a good installation, it would appear something is in the root directory that is causing the problem. Or, I suppose, you have the start directory set to the wrong location and the script is reading in system files. Try creating a new directory named test, or whatever you want, in your root directory and then put one file in it and change the start directory setting to the test directory and run the script. If it works copy the files from your root to test and run it again. At some point the script should die, which will indicate what is causing it. Edited November 7, 2010 by Jack_mcs Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 7, 2010 Author Share Posted November 7, 2010 A new version has been uploaded with these changes: - Added instructions regarding Version Checker - Added option to replace the hacker exclude file on updates - Added checkbox to allow the checking/unchecking of all hacker files at once - Added new entries to the hacker code list - Added basic security checks which are displayed in admin->SiteMonitor->Admin, if present - Added code to display the start directory and the shops directory when a username error occurs so that differences can be seen - Added cron file so hacker tests can be performed automatically - Added an override option that allows the configure section to load without building a files list for sites that timeout initially - Changed file search code so deleted files no longer prevent checking the other conditions - Changed variable name in sitemonitor_configure-setup.php since it was conflicting with other code in RC2 shops - Made other various small changes and code cleanup Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
witer Posted November 7, 2010 Share Posted November 7, 2010 Assuming a good installation, it would appear something is in the root directory that is causing the problem. Or, I suppose, you have the start directory set to the wrong location and the script is reading in system files. Try creating a new directory named test, or whatever you want, in your root directory and then put one file in it and change the start directory setting to the test directory and run the script. If it works copy the files from your root to test and run it again. At some point the script should die, which will indicate what is causing it. Hi, Well, I have updated SM to 2.7. Ans still the same issue - Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxx/domains/xxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 355 I checked start dictione with configure file and everything is ok. You adviced to make some test but could you be so kind and write in strait way what I have to do, which script file should I put into test folder...? Thanks for your support... By the way, the reference file is ok, everything is working fine... And one think, When I enter to SiteMonitor I always see the message: WARNING: Your admin name is admin. That should be changed. - what is it mean...? And user name and password is for folder protection or username and password to access admin panel??? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 8, 2010 Author Share Posted November 8, 2010 Hi, Well, I have updated SM to 2.7. Ans still the same issue - Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxx/domains/xxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 355 I checked start dictione with configure file and everything is ok. You adviced to make some test but could you be so kind and write in strait way what I have to do, which script file should I put into test folder...? Thanks for your support... By the way, the reference file is ok, everything is working fine... And one think, When I enter to SiteMonitor I always see the message: WARNING: Your admin name is admin. That should be changed. - what is it mean...? And user name and password is for folder protection or username and password to access admin panel??? For the test, it really doesn't matter, though I suggest using some small file. The point is to limit the search to one file. If the script still fails at that point, then there is something else wrong. For security reasons, your admins name should not be admin. Search the forums for more details on that. The username and password are not needed for normal operation. If you want to use the curl option, they are required and are the login for your admin. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
witer Posted November 9, 2010 Share Posted November 9, 2010 For the test, it really doesn't matter, though I suggest using some small file. The point is to limit the search to one file. If the script still fails at that point, then there is something else wrong. For security reasons, your admins name should not be admin. Search the forums for more details on that. The username and password are not needed for normal operation. If you want to use the curl option, they are required and are the login for your admin. Thanks for your support. But please tell me something.. If I exclude folder 'admin' it means that all subfolders are also excluded... Maybe here is my problem... For the info Inoticed that configuration is not keeping my setup... Thanks and regards K. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.