Topic: How to deal with TP hack

[EonBlue]

Okay, there is no suphp on my server. All files are locked and owner/group changed. All sites appear to be clear for now. I will keep an eye on everything and let you know if anything comes back.

[ip0li]

ok, cheers bud!

[Le Petit Prince]

HI,

I still got problems with my sites. Can you find some time to have a look at our servers?

[ip0li]

Hi, please contact http://www.soft-com.biz guys, they solved issues for many of our clients since its ended up as not just TP but other scripts exploits were involved also .

Cheers

[donedeal]

Hi, please contact http://www.soft-com.biz guys, they solved issues for many of our clients since its ended up as not just TP but other scripts exploits were involved also .

Cheers


This statement makes me sick. THIS WAS YOU GUYS. now your sluffing it off on other expoits. your so full of shit. I have servers from scratch without a problem. This hacker got in and he started leaving his hacker files so he could log in and root your server outside of the accounts. It really makes me sick to see you start saying theres other reasons. it was YOU no one else. YOU should be paying the soft-com guys to fix who got hacked. once this guy got in he started fucking up every other script on the server. YOUR UPDATE DID THIS. no its not smart thumbs, its not any other script but TRADE PULSE that got this guy in. YOU GUYS could not clean it up, now some guys are making money over YOUR lack of responsibility or know how how to clean it up. Even your lock was unable to stop this guy once he was in.

I understand shit happens, but now youve stopped taking responsibility. Very dissapointed. I have lost all respect from you over this now. and now your posting happy faces that its "not because of you guys" now, god i cant believe this shit coming from your mouth now

[donedeal]

Why dont you just say the truth? Once this guy is in your server:

1. you are ROOTED
2. we just cant fix it
3. sorry

if you just did this, people could take this alot better


People, if you dont want to pay someone you dont know to fix your server, just get a new server and install everything from scratch. Best time saver you can ever do. My old server is still hooped. the new ones are doing just fine.

[ip0li]

Hi, first of all thank you for nice post about us.

Actually it is not truth that just our update did this, after speaking with clients/their hosters etc it ended up in not being just our update, it looks like other scripts had issues also with exploits. Our UPDATE did PROBLEM, PERIOD, I NEVER SAY IT WAS NOT OUR FAULT!

I AM NOT SLUFFING IT TO ANYONE, IT WAS OUR UPDATE, OUR PROBLEM, OUR SCRIPT.

1. You are ROOTED->Not true since hacker can't get ROOT privileges from shell scripts
2. We just cant fix it->This is true since we are not your hosting support, that swhy I started recommending soft-com.biz guys
3. Sorry si said numerous times already and here it is once again: I AM SORRY, WE ARE SORRY!

I hope this thread won't become major drama since we both probably have smarter things to do in our life.

Cheers

[Marko]

Why dont you just say the truth? Once this guy is in your server:

1. you are ROOTED

Do you know what exactly term "rooted" means?

[Shawn]

I'm not real impressed with soft-com guys.  so far they seem to have done exactly what my host already does and then try and upsell me 'optimization' services.  and it took them 8 hours to clean my server at $25/hour that seems steep to just run a scanner.  I thought they had some specific knowledge about how to find this guys shells scripts but doesn't look that way.

[donedeal]

Ive finally got some sleep and realized I vented on the wrong person.

ipOLi, i owe you an apology. Last night I was up a long time working against this guy again, and I took my frustration out on you when its really him i am mad at. You have done great work for me and alot of people. I know you didnt mean for this to happen.

This guy has stole from us and has caused many many days of our time.

I hope you can accept my apology, I lost my temper last night, and i took that message the wrong way.

[ip0li]

I'm not real impressed with soft-com guys.  so far they seem to have done exactly what my host already does and then try and upsell me 'optimization' services.  and it took them 8 hours to clean my server at $25/hour that seems steep to just run a scanner.  I thought they had some specific knowledge about how to find this guys shells scripts but doesn't look that way.

Ok SHawn, U are first negative feedback about them, icq me 169397168 maybe I have eprson who can help U!

[ip0li]

Ive finally got some sleep and realized I vented on the wrong person.

ipOLi, i owe you an apology. Last night I was up a long time working against this guy again, and I took my frustration out on you when its really him i am mad at. You have done great work for me and alot of people. I know you didnt mean for this to happen.

This guy has stole from us and has caused many many days of our time.

I hope you can accept my apology, I lost my temper last night, and i took that message the wrong way.

No problem, all fine....I hope U solve it soon...also feel free to icq me 169397168 I have person who can offer some paid help(server tech).

[Shawn]

I'm not real interested in paying yet more money for someone to just run a scanner unless they've got some real insight into how to remove all this hackers files.
I moved to mojohost awhile ago and they've managed to create custom signatures for the scanners that automatically stop this guy so they've been pretty good except for a week or two ago he used something new that took them a day to figure out which is why I figured these soft-com guys would be worth a try but so far all I've seen is their scanners find the same files and then email them rather then auto fixing stuff.

[ip0li]

Ok, I just wanted to let U know that there are more options other then soft-com.biz guys.

Cheers

[Vas]

Hi,

Is there any other way to lock files instead of root access,  I keep getting invalid user.  ANY OTHER WAY