Results 1 to 19 of 19
  1. #1

    FANTASTICO server was hacked ???!!

    cpanelthemes.com HACKED

    http://forums.cpanel.net/showthread....395#post100395



    am not sure if this is true one more thing i have checked fantastico is not working from cpanel.

    if this hack is true and the hacker replaced some files on fantastico updating files then ohh god lots of guys will cry around.

    if any one has any ubdates pls. post.
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

  2. #2
    My host alerted me to this yesterday, and gave me a command to run as well as advised us to turn off the ability to change your password via e-mail. This was only a workaround until a fix could be found.

  3. #3
    well my self i never ticked that box at all removed it from all server on updates.

    this is a commont practice for us when it comes near by cretical password reset and all.
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

  4. #4
    This is the command they had us run on our boxes.

    chmod 000 /usr/local/cpanel/base/resetpass.cgi

  5. #5
    Jhorra if you have fantastico on your box check if it is working.
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

  6. #6
    Yes, it's working.

  7. #7
    Join Date
    Aug 2000
    Location
    Thessaloniki
    Posts
    244
    Hello,

    Fantastico files were not affected. The intruder was thrown out while defacing our websites (replaced all main index.html).

    Since the intruder was thrown out before completing the destructive work, we have a complete history of all his/her operations.

    For security reasons, I will recompile updated distributions of our software containing only off-site files immediatelly after our server is back.

    kosmo
    http://netenberg.com/
    AccountLab Plus Affordable professional webhosting billing -- Click Be! Building websites as easy as it click be
    Fantastico De Luxe - Install your favourite scripts at a mouse click -- Universina - The CPanel skin with Heart and Soul

  8. #8
    I think I may be talking about something else here.

  9. #9
    good job kosmo ..

    there are kids around who dont like to see a hard working guy like you around.

    for me whom ever did this to your server is no more than a nothing in this world the least i can call him is a low life, if you ask me he should be directed to the gas room direct with out spending a one cent of tax payers $$ putting him behid the bars.

    he deserve death with no merce.

    thanks god i was not a judge lol
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

  10. #10
    that link was removed from cpanel forum but dont know why
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

  11. #11
    Join Date
    Mar 2003
    Posts
    2,677
    Because the exploit was reported in the cPanel forums rather than to the cPanel developers so they could address it.

    Instead, whoever posted that gave anyone who read it the chance to break into servers. Very bad judgement if you ask me.

  12. #12
    Join Date
    Feb 2004
    Location
    Sofia
    Posts
    1,354
    The exploit was published early this morning in BugTraq

    <edit: killed sploit>
    Last edited by thedavid; 03-12-2004 at 03:32 PM.

  13. #13
    Join Date
    Jan 2004
    Location
    New York, NY
    Posts
    1,241
    Ok, so confirm this for me...

    Everything is back to normal now for fantastico? Working fine?

    - Felix.

  14. #14
    Join Date
    Feb 2004
    Location
    Sofia
    Posts
    1,354
    It is the CPanel that should be updated ASAP to the last stable version of 9.1.0, not Fantastico.

  15. #15
    Originally posted by Imago
    The exploit was published early this morning in BugTraq.

    So you post it... AGAIN after it has been deleted

    <edit: killed quoted sploit >
    Last edited by thedavid; 03-12-2004 at 03:33 PM.
    Linux/CPanel/WHM Tutorials & How-Tos
    Dedicated Server Tutorials

  16. #16
    Join Date
    Feb 2004
    Location
    Sofia
    Posts
    1,354
    Well, you have posted it too.
    I thought you are referring to the topic deleted at the CPanel forums.

  17. #17
    Join Date
    Nov 2002
    Posts
    538
    I also got a server owned because of this

    damn
    yeah.. i'm useless!

  18. #18
    Join Date
    Dec 2003
    Location
    Stuart, fl
    Posts
    246
    That sucks, I just got fantastico through servermatrix, what exactly happened?

  19. #19
    phinsup

    all are ok just check your whm if that is ok then u dont have problem with fantastico
    http://boostdomain.com
    Affordable unlimited domain reseller plans
    Fully Managed Dedicated Servers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •