Results 1 to 19 of 19
-
03-12-2004, 09:54 AM #1Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
FANTASTICO server was hacked ???!!
cpanelthemes.com HACKED
http://forums.cpanel.net/showthread....395#post100395
am not sure if this is true one more thing i have checked fantastico is not working from cpanel.
if this hack is true and the hacker replaced some files on fantastico updating files then ohh god lots of guys will cry around.
if any one has any ubdates pls. post.
-
03-12-2004, 09:58 AM #2Junior Guru
- Join Date
- Jan 2004
- Posts
- 241
My host alerted me to this yesterday, and gave me a command to run as well as advised us to turn off the ability to change your password via e-mail. This was only a workaround until a fix could be found.
-
03-12-2004, 10:00 AM #3Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
well my self i never ticked that box at all removed it from all server on updates.
this is a commont practice for us when it comes near by cretical password reset and all.
-
03-12-2004, 10:17 AM #4Junior Guru
- Join Date
- Jan 2004
- Posts
- 241
This is the command they had us run on our boxes.
chmod 000 /usr/local/cpanel/base/resetpass.cgi
-
03-12-2004, 10:25 AM #5Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
Jhorra if you have fantastico on your box check if it is working.
-
03-12-2004, 10:27 AM #6Junior Guru
- Join Date
- Jan 2004
- Posts
- 241
Yes, it's working.
-
03-12-2004, 10:45 AM #7Junior Guru
- Join Date
- Aug 2000
- Location
- Thessaloniki
- Posts
- 244
Hello,
Fantastico files were not affected. The intruder was thrown out while defacing our websites (replaced all main index.html).
Since the intruder was thrown out before completing the destructive work, we have a complete history of all his/her operations.
For security reasons, I will recompile updated distributions of our software containing only off-site files immediatelly after our server is back.
kosmohttp://netenberg.com/
AccountLab Plus Affordable professional webhosting billing -- Click Be! Building websites as easy as it click be
Fantastico De Luxe - Install your favourite scripts at a mouse click -- Universina - The CPanel skin with Heart and Soul
-
03-12-2004, 10:49 AM #8Junior Guru
- Join Date
- Jan 2004
- Posts
- 241
I think I may be talking about something else here.
-
03-12-2004, 11:19 AM #9Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
good job kosmo ..
there are kids around who dont like to see a hard working guy like you around.
for me whom ever did this to your server is no more than a nothing in this world the least i can call him is a low life, if you ask me he should be directed to the gas room direct with out spending a one cent of tax payers $$ putting him behid the bars.
he deserve death with no merce.
thanks god i was not a judge lol
-
03-12-2004, 12:08 PM #10Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
that link was removed from cpanel forum but dont know why
-
03-12-2004, 02:16 PM #11
Because the exploit was reported in the cPanel forums rather than to the cPanel developers so they could address it.
Instead, whoever posted that gave anyone who read it the chance to break into servers. Very bad judgement if you ask me.
-
03-12-2004, 02:31 PM #12Web Hosting Master
- Join Date
- Feb 2004
- Location
- Sofia
- Posts
- 1,354
The exploit was published early this morning in BugTraq
<edit: killed sploit>Last edited by thedavid; 03-12-2004 at 03:32 PM.
-
03-12-2004, 02:31 PM #13Workaholic
- Join Date
- Jan 2004
- Location
- New York, NY
- Posts
- 1,241
Ok, so confirm this for me...
Everything is back to normal now for fantastico? Working fine?
- Felix.
-
03-12-2004, 02:37 PM #14Web Hosting Master
- Join Date
- Feb 2004
- Location
- Sofia
- Posts
- 1,354
It is the CPanel that should be updated ASAP to the last stable version of 9.1.0, not Fantastico.
-
03-12-2004, 03:14 PM #15WHT Addict
- Join Date
- Apr 2002
- Posts
- 110
Originally posted by Imago
The exploit was published early this morning in BugTraq.
So you post it... AGAIN after it has been deleted
<edit: killed quoted sploit >Last edited by thedavid; 03-12-2004 at 03:33 PM.
Linux/CPanel/WHM Tutorials & How-Tos
Dedicated Server Tutorials
-
03-12-2004, 03:24 PM #16Web Hosting Master
- Join Date
- Feb 2004
- Location
- Sofia
- Posts
- 1,354
Well, you have posted it too.
I thought you are referring to the topic deleted at the CPanel forums.
-
03-12-2004, 04:30 PM #17Web Hosting Evangelist
- Join Date
- Nov 2002
- Posts
- 538
I also got a server owned because of this
damnyeah.. i'm useless!
-
03-12-2004, 04:43 PM #18Junior Guru
- Join Date
- Dec 2003
- Location
- Stuart, fl
- Posts
- 246
That sucks, I just got fantastico through servermatrix, what exactly happened?
-
03-12-2004, 06:00 PM #19Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
phinsup
all are ok just check your whm if that is ok then u dont have problem with fantastico