Tag Archives: attack

HAckEd! The Aftermath Blogging 08 DEC 2011

Wonderful, just wonderful. So my online presence was completely down for well over two days at the start of this week, and no, that never points to something good.

The reason? Some silly twit hacked my hosting account for the lulz, and pretty much destroyed everything in sight, just so that he or she could throw up their silly little defacement page featuring some bad music, a picture of a sniper and a link to his ‘security site’. To be honest, I never bothered loading it to see, I just saw the bare code on the pages as I was busy manually removing them, so there may have been a little more. The hosting company (AmpleHosting) picked up on the hack pretty quickly and shut down my account, meaning I don’t think too many people were subjected to what this person obviously thinks is “cool”.

I’m not sure what the attack vector was to gain access to the hosting account, it could be either Joomla, WordPress, Gallery or one of my own concoctions floating around, but the fact of the matter is that the hacker successfully deleted a number of files and folders off the account and managed to inject his replacement defaced page across the various sites. At the moment it points to the work of a script kiddie, but oh well, regardless of their level of skill, the damage was done.

My hosting account plays host to five WordPress sites (http://www.craiglotter.co.za, http://www.codeunit.co.za, http://www.houseofc.co.za, http://www.countingbeans.co.za, and http://www.cookiesandcakes.co.za), one Joomla site (http://www.funakoshikarate.co.za), one Gallery site (http://photos.codeunit.co.za), and a couple of my own homebrew sites like the mobile-formatted http://c.codeunit.co.za, my CodeUnit applications Autoupdate framework, my Adobe AIR applications, as well as the beginnings of my portfolio site.

In other words, a fair bit of things down for the count then.

The damage done by the script was pretty simple. Troll through all folders and delete any “index” or “default” pages it could find. Replace with custom index page in all root folders. Also delete any files named “wp-config” as wells as folders named “wp-admin” or “uploads”, before finally deleting itself (well, I think that this last one is true, as I can’t find a trace of the malicious script for now).

Thankfully, apart from a single username change in the craiglotter.co.za database, it doesn’t appear that the attacker tampered with any of the databases, meaning that to get the WordPress sites back up and running, I needed to download WordPress from its official home, and then upload the wp-admin folder, plus index.php file back into each affected site folder. Finally I had to regenerate the wp-config file using database details for the existing databases held in the account, creating new database user accounts in the process. I have lost some shared images and the like that used to be stored in the Uploads folder, so that does mean that unfortunately you’ll have to bear with a couple of missing items until I manage to root them all out.

I haven’t bothered to bring the Gallery site back up, and will instead trash it and introduce the photos it used to contain into my main craiglotter.co.za site – it makes sense to bring the photos in-house anyway. Already disillusioned with how user-UNfriendly Joomla is, I’ve decided to kill the Funakoshi Karate website and rather create a brand new WordPress site for it (Thank goodness my leave is coming up soon!).

As for the other custom stuff, well, it is pretty much destroyed as far as what I’m concerned. I’m already in the process of recreating the CodeUnit Collections mobile site using jQuery Mobile as a platform, and for the rest, well, I’m just going to pretend they never existed until I one day have need of them again! ;)

Sucky, but that’s how it goes.

On my hosting plan, automatic backups aren’t done, meaning that because I wasn’t keeping up to date with backups, the deleted files are lost forever. The fact of the matter is that I should of course have known better and managed the backup process on a more consistent manner, but the reality is that this remains something I have fun with in my personal time – and it simply isn’t all that high on the list of things to do with what little free time I have available to me!

Anyway, the worst part for me is that this shit is done simply for kicks by one very sad, lonely little individual. *Sigh*, eventually they’ll also grow up I imagine.

Howling Balls of Scratching Fury My Life 18 MAR 2010

The other night saw a tired Chantelle and I finally retire to bed just before midnight after having successfully returned from a Ster Kinekor screening of It’s Complicated (which by the way is a thoroughly enjoyable movie in case you were wondering).

Anyhow, as it had been for the last couple of days, the wind was absolutely howling outside, once again determined to make living quite miserable and in which of course does succeed… particularly when we’re talking about the cats.

You see, our dear darlings Olympus and Achilles can’t exactly spend much time running around, hunting and playing outside without being blown from the one end of the property to the other and so they’re pretty much pinned inside for the whole day – which of course translates to a hell of a lot of pent up energy come the evening and in other words our return to the home.

Needless to say, this pent up energy immediately manifests itself in play time and so Chantelle and I need to do our evening’s business while carefully stepping over the usually rolling around and kicking combined fur ball entanglement that is Olympus versus Achilles.

So teeth brushed and book pages turned, we turned off the lights and lay our heads down… when all of a sudden, out of the complete blue, the sound of frenzied paws gripping along the carpet accompanied this fast flying bundle of fur through the air, paws streched out and claws extended – landing in a heap on top of our unsuspecting, blissfully unaware heads!!

Luckily for me my arm was kind of hanging over my head so that took the brunt of the scratch attack but poor Chantelle was not quite so lucky, even going so far as suffering some bleeding from her scalp! Nothing major of course, but unnecessarily sharp, painful and a rather rude awakening one must say.

So up we sprang, grabbed our spectacles and flipped on the lights, hunting down the two miscreants who had of course bolted back to the lounge following our initial surprised outburst. Of course catching the little buggers to give them a smack and throw them out of the front door quickly proved to be quite the pointless exercise as they didn’t really take our angry demeanours very seriously and simply kept walking back in right after you scooted them out, meaning that in the end we simply had to give up and returned to our room where we closed the door for the night.

(Cutely enough, the two of them were found lying stretched out in front of our bedroom door the next morning of course…)

Hee hee, they'll never guess I'm actually just biding my time until the right moment to attack!

Olympus, Bloody and Bruised My Life 08 DEC 2009

olympus-cat-on-the-tvSo Olympus was attacked yesterday, I learned from Chantelle on stepping into my home last night. Apparently the big scraggy dog and his little annoying yapping partner managed to scrag Olympus some time during the day, causing Achilles to completely disappear for most of the day and leaving Olympus a bloody mess, with visible bite marks on both of his back legs and at least two claws completely ripped out of his poor, pained paws.

Shame, the tyke was completely on edge, jumpy if you must, and feeling quite sorry for himself, though after more than just a fair bit of love and care last night, he seems to be back to his inquisitive self this morning – after all, who doesn’t like greeting Craig in bed and having him get up in order to fill the cat pellets bowl!

Thanks to Tessa (yes, that Tessa, you should have known), Chantelle got all the details of the attack, including the names and address of the dogs owners and come today, she’s going to take them on because quite frankly, if you can’t control your dogs then you shouldn’t be allowing them to roam freely on communal ground in the first place.

The cats were attacked in our backyard, which means that they weren’t the ones causing trouble (for a change to be fair) – oh no, it was those damn mangy mutts that were sniffing around where they aren’t supposed to be that once again proved to be the problem at hand, so hopefully these people will listen to what we have to say and at least keep their dogs on leashes if they are to venture outside in the open.

Unfortunately, dogs are always a problem in complexes as far as I’m concerned. Fine if they stay indoors all day long, but as it is, I’ve already heard someone complaining to the neighbour above about their puppy that incessantly whines all day long while the owner isn’t home – now if only those same people would do something about their noisy water pipes that seem intent on disturbing Chantelle’s sleep at 04:00 in the morning every day as well!

Oh well, at least Olympus seems back on his feet this morning – but I am left with a question though – does anyone know if his claws will eventually grow back? Or has my cat been permanently de-clawed? O.O