Hacked by goons.net

Posted: Fri Jan 12, 2007 10:24 pm

Hey all I was completly hacked by JuNK at goons.net - seems he's managed to get into the database and also possibly my gallery database as well.

Since I've been away for a bit I haven't got a back up of the DB for the last month so I've got a bit of work ahead of me.

My admin user name was hacked .....

anybody had dealings with these #$%@s? or know how to stop them? I had the latest version of sentnning running .....

Posted: Fri Jan 12, 2007 10:38 pm

It was actaully from www.g00ns-forum.net

Involved Joined: Oct 09, 2006 Posts: 413 Location: UK

Yeh G00ns did us a while back. Just b4 i took the decision to get RN76 actually Wink

They are the usaul brand of script kiddies, play with this, play with that.
There motive...
Get you to make some kind of Teamspeak message saying how they owned you etc etc blah blah, but all they really want to do is highlight flaws in your security, and help improve the nuke community.
YEH RIGHTO.. biggest excuse for a waste of time and effort ive heard.
" I know, my names Raven, i want to improve the nuke community, so ill physically impose myself on other peoples private property to get my point across"

Imagine if that had happened.
Or you can do what Raven actually did.. start a community, get ppl interested then develop your own software.. Thats the proper way.

These kids, and they are kids. Are nothing but a hinderance on the community.
They Probably sent you an AIM or MSN message? because you are on your forums as site admin?
It makes us admins easy targets.
Dont be afraid, however they do seem to know what they are doing, as i found after after a bit of digging around various websites. I forget they actual goons guy that threatened me with all sort s of nasties against my family, but within an hour i told him his medical records Shocked

that seemed to cool his mouth slightly.
I say they know what they are doing but when i asked for proof, by asking him my God pw he quoted my webmail pw....hmmm

If you are still infected and use Cpanel, i would suggest you lock your root with a pw from there, untill you work out how to handle the situation.
For me that was easy..upgrade to RN76.

Bloody Script kiddies..

Posted: Sat Jan 13, 2007 12:20 am

Rant over

But have you asked your host to describe how they got in?

Posted: Sat Jan 13, 2007 2:25 am

Hmmm Haven't found out yet - although I'm running under a VPS that I set up with a friend which after alot of changes he now sorts so am waiting on a reply from him.

I have of SQL injection although I'm not sure what it is .. pointers to site for info on the kind of things these mosquito's are doing?

and I'm going to have a look at changing over to RN76 ......

registered · Posted: Sat Jan 13, 2007 2:55 am

Well what version were you using? Was it Patched? Upgraded your forums? Any other addons you are running? vWar, forums attachment, SQuery, etc?

Posted: Sat Jan 13, 2007 11:25 am

our hack was via sql injection too, like yourself, im not sure what this means. What i do know is, it was the 2nd time we had been hacked using that method. Thats why i didnt bother to find out the 'ins' and 'outs' of the problem. I looked deeper..and found RN76, it was the easy option for me, and i havent had a problem since. Touch wood.

Sells PC To Pay For Divorce Joined: Posts: 5661

yeah and i can see your very fast taking your site offline...
sentinel protects core ....no 3d party junk...
take your site offline and repair the s..t