Comments on: Article Directories Hacked by z7faan-h4ck3r http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/ Sun, 03 Apr 2011 15:22:16 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Michael http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-79 Michael Sun, 03 Apr 2011 15:22:16 +0000 http://robatherton.com/?p=183#comment-79 It\'s the article directory that got hacked, not your site. This dude preys on articledashboard sites. It\’s the article directory that got hacked, not your site. This dude preys on articledashboard sites.

]]> By: Gavin http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-73 Gavin Thu, 21 Oct 2010 10:15:14 +0000 http://robatherton.com/?p=183#comment-73 Hi, I just joined a website (travelarticles.org) trying to promote my company's website. To be honest and to put this in context, I am a computer novice. I then got a confirmation email from someone who goes by HaCkEd BY Z7FaaN H4Ck3R . Any thoughts on what I should do, any measures I should take to protect my site? Is my site in danger and has anyone else had a similar experience? Cheers, Gavin Hi,
I just joined a website (travelarticles.org) trying to promote my company’s website. To be honest and to put this in context, I am a computer novice. I then got a confirmation email from someone who goes by HaCkEd BY Z7FaaN H4Ck3R . Any thoughts on what I should do, any measures I should take to protect my site? Is my site in danger and has anyone else had a similar experience?

Cheers,
Gavin

]]> By: Rob Atherton http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-66 Rob Atherton Tue, 01 Jun 2010 21:46:38 +0000 http://robatherton.com/?p=183#comment-66 My site just got hacked again but some Turkish lot this time. I had a look at the two directories /admintemplates /templates I sorted the files by date/time and it showed a number of files in each directory had been updated recently. I've just FTP'd over the correct versions of the individual files that were hacked and so far it seems to have work. Took me about 5 minutes to fix. My site just got hacked again but some Turkish lot this time.

I had a look at the two directories
/admintemplates
/templates

I sorted the files by date/time and it showed a number of files in each directory had been updated recently. I’ve just FTP’d over the correct versions of the individual files that were hacked and so far it seems to have work. Took me about 5 minutes to fix.

]]> By: Darman http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-65 Darman Wed, 19 May 2010 04:44:47 +0000 http://robatherton.com/?p=183#comment-65 I just do this against z7faan. 1. Change password 2. Change Theme 3. Reinstall the previous theme. It works. I just do this against z7faan.
1. Change password
2. Change Theme
3. Reinstall the previous theme.
It works.

]]> By: Darman http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-64 Darman Wed, 19 May 2010 01:57:35 +0000 http://robatherton.com/?p=183#comment-64 I am a newbie. Yesterday one of my site has attacked by this z7faan-.... I have read the above comment and your (Rob) article, but I don't know what to do from the first. Anyone can help? Thanks. I am a newbie. Yesterday one of my site has attacked by this z7faan-…. I have read the above comment and your (Rob) article, but I don’t know what to do from the first. Anyone can help?
Thanks.

]]> By: Linda http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-61 Linda Mon, 10 May 2010 13:00:18 +0000 http://robatherton.com/?p=183#comment-61 I set up my Article Bot directory submission software over the weekend and spent about 10 hours manually entering pw/user names to hundreds of directories that didn't load in the auto signup process. I felt the time spent would be well worth it to be able to rapidly submit my articles. Finally submitted my first article last night and all was going well when about 10 directories away from the entire 300+ or so being submitted, the submission process seemed to stall. I couldn't get it to cancel or close out. So I closed out Article Bot and when I came back in not only were my user and company profiles all wiped away but so was my Ready status for the sites I'd spent 10 hours already manually signing up for! And there was no record or trace of the article I just submitted. It was as if I'd never yet used the software. As I had attempted to close down the stalled submission box, my McAffee had also shot up a Trojan warning yet when I went into to check recent activity it showed nothing. The guy at Article Bot says they aren't responsible for the directories who don't take proper security precautions but my other problems aren't the result of this assh##e hacker and I'm pretty sure they are. Once I ran through the auto signup process again I'm now left with having to re-submit to 300+ directories my pw/user name manually again. Of several that went through on the auto submit, I received at least a dozen by this assenine hacker in confirmation emails. When clicking on the confirm link I'm taken to his page with the face of a ugly as hell goth character and some Beasts of Hell BS! What pathetic lives these losers have to have to get their jollies out of causing hard working people such grief. If I could get my hands on this creep I'd kill him and I DO mean that!!! Linda I set up my Article Bot directory submission software over the weekend and spent about 10 hours manually entering pw/user names to hundreds of directories that didn’t load in the auto signup process. I felt the time spent would be well worth it to be able to rapidly submit my articles. Finally submitted my first article last night and all was going well when about 10 directories away from the entire 300+ or so being submitted, the submission process seemed to stall. I couldn’t get it to cancel or close out. So I closed out Article Bot and when I came back in not only were my user and company profiles all wiped away but so was my Ready status for the sites I’d spent 10 hours already manually signing up for! And there was no record or trace of the article I just submitted. It was as if I’d never yet used the software.

As I had attempted to close down the stalled submission box, my McAffee had also shot up a Trojan warning yet when I went into to check recent activity it showed nothing.

The guy at Article Bot says they aren’t responsible for the directories who don’t take proper security precautions but my other problems aren’t the result of this assh##e hacker and I’m pretty sure they are. Once I ran through the auto signup process again I’m now left with having to re-submit to 300+ directories my pw/user name manually again. Of several that went through on the auto submit, I received at least a dozen by this assenine hacker in confirmation emails. When clicking on the confirm link I’m taken to his page with the face of a ugly as hell goth character and some Beasts of Hell BS!

What pathetic lives these losers have to have to get their jollies out of causing hard working people such grief. If I could get my hands on this creep I’d kill him and I DO mean that!!!

Linda

]]> By: michael http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-60 michael Sun, 09 May 2010 19:57:33 +0000 http://robatherton.com/?p=183#comment-60 ok here is the script for your mysql update: update admin set password = '21232f297a57a5a743894a0e4a801fc3' where adminid = [your admin id] sets the password to 'admin' ok here is the script for your mysql update:

update admin
set password = ’21232f297a57a5a743894a0e4a801fc3′
where adminid = [your admin id]

sets the password to ‘admin’

]]> By: michael http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-59 michael Sun, 09 May 2010 19:38:50 +0000 http://robatherton.com/?p=183#comment-59 I forgot my admin password. I remember seeing an encrypted string somewhere on the net that reset the password via a db entry. And then I could go into the app and provide a new on. Anyone know what that was? I forgot my admin password. I remember seeing an encrypted string somewhere on the net that reset the password via a db entry. And then I could go into the app and provide a new on. Anyone know what that was?

]]> By: David Carlson http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-58 David Carlson Wed, 28 Apr 2010 20:57:58 +0000 http://robatherton.com/?p=183#comment-58 Pardon my French, but these guys are f---ing assholes. About 2 weeks ago, our wordpress module was compromised so we couldn't access it. Then today they put their obnoxious bloody skull logo on the site. I am still trying to clean it off, but their seems to be something embedded in the site that is redirecting the website to a different page. Hopefully I can just disable the site while I try to reconstruct it... and yes, I have already changed my password. Pardon my French, but these guys are f—ing assholes.
About 2 weeks ago, our wordpress module was compromised so we couldn’t access it. Then today they put their obnoxious bloody skull logo on the site. I am still trying to clean it off, but their seems to be something embedded in the site that is redirecting the website to a different page. Hopefully I can just disable the site while I try to reconstruct it… and yes, I have already changed my password.

]]> By: Anonymous http://robatherton.com/183/article-directories-hacked-by-z7faan-h4ck3r/comment-page-1/#comment-57 Anonymous Fri, 23 Apr 2010 22:18:47 +0000 http://robatherton.com/?p=183#comment-57 Search your entire remote (webhost) directory for mshell.php. There may be several of them. Also look for a folder called g2data, this will guide you to the place where they set up on your hosting account. Anonymous Search your entire remote (webhost) directory for mshell.php. There may be several of them.

Also look for a folder called g2data, this will guide you to the place where they set up on your hosting account.

Anonymous

]]>