Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

Here is another string that needs to be put into the Hacker Code box when you set up this contribution.

 

'Meher Assel'

 

He has a nice line of adding index.html to your root directory.

 

Sample of his code is below.

 

<html>

<head>
<meta http-equiv="Content-Language" content="fr">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Pwn3d By Meher Assel [- NET~OWN3R -]</title>
</head>

<body bgcolor="#000000">

<span style="height: 30px;"><b>
<p align="center"><span>
<img src="http://img651.imageshack.us/img651/9443/netown3r.png" border="0"></span><span style="font-weight: 400;"><font face="Terminal" size="4">[</font></span></p>
<p align="center"><span style="font-weight: 400;">
<font face="Terminal" size="4"><font color="#ff0000">! </font>
<font color="#808080">Your B0x 0wn3d</font> <font color="#ff0000">!</font></font></span></p>
<p align="center"><span><font color="#0000FF" size="2">--</font></span></p>
<p align="center"><font color="#ffffff" face="Courier New" size="4"># id;whoami</font></p>
<p align="center"><font color="#ffffff" size="2">uid=0(root) gid=0(root) 
groups=0(root),1(bin),2 (daemon),3(sys),4(adm),6(disk),10(wheel) <br>
root </font></p>
<p align="center"><font color="#0000FF" size="2">--</font></p>
<p align="center"><font color="#666666" face="courier new">Your Server is not 
secure !!</font></p>
<p align="center"><span><font color="#0000FF" size="2">--</font></span></p>
</b>
<p align="center"><font color="#ff0000" face="Copperplate Gothic Bold" size="4">
# Hacked By Meher Assel</font></p>
<span>
<p dir="ltr" style="margin: 15px 13px 0px;" align="center">
<font face="SimSun-ExtB" size="4" color="#FF0000"># NET-OWN3R </font></p>
</span><b><span style="font-weight: 400;">
<p align="center"><font face="Terminal" size="2" color="#666666">Work Alone & 
Die Alone </font></p>
</span><span style="font-weight: 400;"></span>
<p align="center"><font color="#ff0000" size="2">To Contact:</font><font color="#808080" size="2">  
Net.Own3r@Gmail.com </font><font size="2" color="#FF0000">or</font><font color="#808080" size="2"> 
C_Y@Hotmail.com</font></p>
<p align="center"><span><font color="#0000FF" size="2">--</font></span></p>
<p dir="ltr" style="margin: 15px 13px 0px;" align="center">
<font color="#ffffff"><font color="#99cc00" face="Arial Narrow" size="4">{</font><font color="#cc0000" face="Arial Narrow" size="4"> 
Gr33tz</font><font color="#ff0000" face="Arial Narrow" size="4"> </font>
<font color="#99cc00" face="Arial Narrow" size="4">}</font></font></p>
<p dir="ltr" style="margin: 15px 13px 0px;" align="center">
<font color="#99cc00" face="Book Antiqua" size="4">Tn-SnIpErS</font><span><font color="#99cc00" face="Book Antiqua" size="4"> 
- Zone-H</font></span><font color="#99cc00" face="Book Antiqua" size="4">
- Tunisia People - All My Friends</font></p>
<p dir="ltr" style="margin: 15px 13px 0px;" align="center"><span>
<font color="#0000FF" size="2">--</font></span></p>
<p dir="ltr" style="margin: 15px 13px 0px;" align="center"><u>
<font color="#FFFFFF">WWW.TUNISIA-SEC.COM</font></u></p>
</b></span>

</body>

</html>

 

HTH someone.

 

G

Edited by geoffreywalton

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

It seems he is hacking sites and offering to fix the problem for a price or am I misunderstanding something?

 

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

Here is another string that needs to be put into the Hacker Code box when you set up this contribution.

 

'Meher Assel'

 

He has a nice line of adding index.html to your root directory.

Thanks for posting that Geoffrey. I've seen something similar many times lately but by different hackers. I've added some common words they use, at least the ones I've seen, to the next version that will hopefully identify them. Of course, it won't hurt to put in individual names either.

Share this post


Link to post
Share on other sites

It seems he is hacking sites and offering to fix the problem for a price or am I misunderstanding something?

 

G

 

Well I didn't follow any of the links to "victims" sites after the 1st one came up immediately with an attack site warning.

 

Interesting that Facebook allows them to have little corners on that to show their trophies etc.

 

Sometimes I wonder if it's just a sport for them, but no doubt there's chance of gain for the little oicks.

Share this post


Link to post
Share on other sites

Ok, I'm at a loss. I've looked through and searched through this thread many times. There have been many people with similar problems to mine, but I can't seem to figure out what the problem is. I keep getting the, "Your username is invalid. Please change it and try again" problem. I've tried my hosting username and password as well as my admin username and password and neither work. Can someone please help me? Thanks...

Share this post


Link to post
Share on other sites

There is a small edit required, it's mentioned here somewhere.

 

 

 

That is if you get the logged in as c problem.

Edited by Wayne Weedon

Share this post


Link to post
Share on other sites

Ok, I'm at a loss. I've looked through and searched through this thread many times. There have been many people with similar problems to mine, but I can't seem to figure out what the problem is. I keep getting the, "Your username is invalid. Please change it and try again" problem. I've tried my hosting username and password as well as my admin username and password and neither work. Can someone please help me? Thanks...

I have NOTHING in username and password fields and my Site Monitor works fine. Maybe it's an old version and the newer versions requires it...don't know.


Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Share this post


Link to post
Share on other sites

Mine is the v2.6 version, and indeed when I first installed it the username in admin changed from the real username to "c" when the Sitemonitor tab was selected. The patch/edit I mention above is this.

 

"

It's changing because the code in SiteMonitor uses a name that is used by the code to display the login name. To fix that, please make this change: In sitemonitor_configure_setup.php, find this code

 

$admin = trim(DIR_WS_ADMIN, "/");

$switch['exclude_list'] = ((! strstr($list, $admin)) ? "'" . $admin . "', " : '');

 

and replace it with

 

$adminSM = trim(DIR_WS_ADMIN, "/");

$switch['exclude_list'] = ((! strstr($list, $adminSM)) ? "'" . $adminSM . "', " : '');

"

 

Wayne....

Share this post


Link to post
Share on other sites

The shop root is the directory where your shop is located at. In your case it is the subdirectory you mention. The start directory is where the search will start. Any file below it will be checked, unless the settings tell it not to.

 

The startdirectory is the local provider-path ... ist this right?

In this case my Site-Manager configuration would not be the Problem.

The Hacker-excludes seems to work as well as the log-files, but

the sitemonitor_reference.php doesn´t change its size.

I don,t know what is going wrong.

Share this post


Link to post
Share on other sites

Mine is the v2.6 version, and indeed when I first installed it the username in admin changed from the real username to "c" when the Sitemonitor tab was selected. The patch/edit I mention above is this.

 

"

It's changing because the code in SiteMonitor uses a name that is used by the code to display the login name. To fix that, please make this change: In sitemonitor_configure_setup.php, find this code

 

$admin = trim(DIR_WS_ADMIN, "/");

$switch['exclude_list'] = ((! strstr($list, $admin)) ? "'" . $admin . "', " : '');

 

and replace it with

 

$adminSM = trim(DIR_WS_ADMIN, "/");

$switch['exclude_list'] = ((! strstr($list, $adminSM)) ? "'" . $adminSM . "', " : '');

"

 

Wayne....

 

Thanks Wayne. I'm in version 2.6 as well. Actually, I am logged in a "s" and not "c". Would this fix work for that as well?

Share this post


Link to post
Share on other sites

Thanks Wayne. I'm in version 2.6 as well. Actually, I am logged in a "s" and not "c". Would this fix work for that as well?

 

Its the authors patch so I guess so. Just make a backup of the file before you edit anything. That equally applies to all code edits of course.

 

Once you get it running sitemonitor is a great add-on. Helps with the peace of mind a bit.. I have mine run as a cron job and it emails me several times a day to keep me updated.

Edited by Wayne Weedon

Share this post


Link to post
Share on other sites

Its the authors patch so I guess so. Just make a backup of the file before you edit anything. That equally applies to all code edits of course.

 

Once you get it running sitemonitor is a great add-on. Helps with the peace of mind a bit.. I have mine run as a cron job and it emails me several times a day to keep me updated.

 

Thanks Wayne. That seemed to fix the logged in as "s" part, but I'm still getting the same error of "Your username is invalid. Please change it and try again." Any other thoughts as to why this keeps happening?

Share this post


Link to post
Share on other sites

Thanks Wayne. That seemed to fix the logged in as "s" part, but I'm still getting the same error of "Your username is invalid. Please change it and try again." Any other thoughts as to why this keeps happening?

 

Can anyone help me at all?

Share this post


Link to post
Share on other sites

Can anyone help me at all?

Troubleshooting for this has been gone over several times in this thread. You should run through those steps to determine the problem. It is many times, from what I've seen, that the update button isn't clicked on the configure page.

Share this post


Link to post
Share on other sites

Hi All,

Could you help me zith something...

I instaled the newest version of this nice contribution and when I trying to enter to config via admin than I got this massage

 

Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxxxx/domains/xxxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 382

 

eny idea what is wrong...

 

Thanks for your support

Share this post


Link to post
Share on other sites

Hi All,

Could you help me zith something...

I instaled the newest version of this nice contribution and when I trying to enter to config via admin than I got this massage

 

Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxxxx/domains/xxxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 382

 

eny idea what is wrong...

 

Thanks for your support

It is probably because you are trying to monitor too many files and your server is timing out. You'll need to edit the sitemonitor_configure.php file manually to remove some of the checking until it works. Then you can use the admin section to add them back in until you reach a point at which it will work and still check most of the files. Try adding admin, includes and images first since that is where most of the files are.

Share this post


Link to post
Share on other sites

It is probably because you are trying to monitor too many files and your server is timing out. You'll need to edit the sitemonitor_configure.php file manually to remove some of the checking until it works. Then you can use the admin section to add them back in until you reach a point at which it will work and still check most of the files. Try adding admin, includes and images first since that is where most of the files are.

 

Hi,

Thanks for your answer...

Well, I set the parameter

$excludeList = array('admin/quarantine', 'cgi-bin','admin', 'blog','allegro','cache','ext','googlesitemaps','help','images','includes','rotator','sizefolder','tmp');

so here are the all folders list...

 

This parameter shows directories list which will not be checked. Correct...? so only files left in the root and I have still the same issue...

 

Any idea?

Share this post


Link to post
Share on other sites

Well, I set the parameter

$excludeList = array('admin/quarantine', 'cgi-bin','admin', 'blog','allegro','cache','ext','googlesitemaps','help','images','includes','rotator','sizefolder','tmp');

so here are the all folders list...

 

This parameter shows directories list which will not be checked. Correct...? so only files left in the root and I have still the same issue...

 

Any idea?

Assuming a good installation, it would appear something is in the root directory that is causing the problem. Or, I suppose, you have the start directory set to the wrong location and the script is reading in system files. Try creating a new directory named test, or whatever you want, in your root directory and then put one file in it and change the start directory setting to the test directory and run the script. If it works copy the files from your root to test and run it again. At some point the script should die, which will indicate what is causing it.

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

A new version has been uploaded with these changes:

 

- Added instructions regarding Version Checker

- Added option to replace the hacker exclude file on updates

- Added checkbox to allow the checking/unchecking of all hacker files at once

- Added new entries to the hacker code list

- Added basic security checks which are displayed in admin->SiteMonitor->Admin, if present

- Added code to display the start directory and the shops directory when a username error occurs so that differences can be seen

- Added cron file so hacker tests can be performed automatically

- Added an override option that allows the configure section to load without building a files list for sites that timeout initially

- Changed file search code so deleted files no longer prevent checking the other conditions

- Changed variable name in sitemonitor_configure-setup.php since it was conflicting with other code in RC2 shops

- Made other various small changes and code cleanup

Share this post


Link to post
Share on other sites

Assuming a good installation, it would appear something is in the root directory that is causing the problem. Or, I suppose, you have the start directory set to the wrong location and the script is reading in system files. Try creating a new directory named test, or whatever you want, in your root directory and then put one file in it and change the start directory setting to the test directory and run the script. If it works copy the files from your root to test and run it again. At some point the script should die, which will indicate what is causing it.

 

Hi,

Well, I have updated SM to 2.7.

Ans still the same issue - Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxx/domains/xxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 355

I checked start dictione with configure file and everything is ok.

You adviced to make some test but could you be so kind and write in strait way what I have to do, which script file should I put into test folder...?

 

Thanks for your support...

 

By the way, the reference file is ok, everything is working fine...

 

And one think,

When I enter to SiteMonitor I always see the message: WARNING: Your admin name is admin. That should be changed. - what is it mean...?

And user name and password is for folder protection or username and password to access admin panel???

Share this post


Link to post
Share on other sites

Hi,

Well, I have updated SM to 2.7.

Ans still the same issue - Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxx/domains/xxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 355

I checked start dictione with configure file and everything is ok.

You adviced to make some test but could you be so kind and write in strait way what I have to do, which script file should I put into test folder...?

 

Thanks for your support...

 

By the way, the reference file is ok, everything is working fine...

 

And one think,

When I enter to SiteMonitor I always see the message: WARNING: Your admin name is admin. That should be changed. - what is it mean...?

And user name and password is for folder protection or username and password to access admin panel???

For the test, it really doesn't matter, though I suggest using some small file. The point is to limit the search to one file. If the script still fails at that point, then there is something else wrong.

 

For security reasons, your admins name should not be admin. Search the forums for more details on that.

 

The username and password are not needed for normal operation. If you want to use the curl option, they are required and are the login for your admin.

Share this post


Link to post
Share on other sites

For the test, it really doesn't matter, though I suggest using some small file. The point is to limit the search to one file. If the script still fails at that point, then there is something else wrong.

 

For security reasons, your admins name should not be admin. Search the forums for more details on that.

 

The username and password are not needed for normal operation. If you want to use the curl option, they are required and are the login for your admin.

Thanks for your support.

But please tell me something..

If I exclude folder 'admin' it means that all subfolders are also excluded...

 

Maybe here is my problem...

 

For the info Inoticed that configuration is not keeping my setup...

 

Thanks and regards

K.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×