Jump to content

step by step


7amomah

Recommended Posts

me and my friends , we have a website actually it is forum ( vBulletin Version 3.5.1) for our study

and these r the server scan results from whois.sc

Apache/1.3.41 (Unix) PHP/5.2.5 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a

if someone threatened me to kack our website what is he gonna do

what r the steps , the exploits , that the hacker can use to hack our website and how do they gonna do it ??

and finally im i in danger ??!

i hope everybody will think just for today as if they r that person ,, and put all what in your mind here

Link to comment
Share on other sites

You are in grave danger young apprentice. For there is a force much greater than you that wants noting more to take down you site for lulz. The best thing to do it not talk to anyone, that way you dont piss them off.

No. but seriously no one here is going to do the work for you.. Google exploits for VB and see what exploits exist for your version and how to patched them. If you are on the Internet you can get hacked... maybe not today but eventually some one will. Its cool that your young and running your own server but for serious google that shit

Link to comment
Share on other sites

me and my friends , we have a website actually it is forum ( vBulletin Version 3.5.1) for our study

and these r the server scan results from whois.sc

Apache/1.3.41 (Unix) PHP/5.2.5 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a

if someone threatened me to kack our website what is he gonna do

what r the steps , the exploits , that the hacker can use to hack our website and how do they gonna do it ??

and finally im i in danger ??!

i hope everybody will think just for today as if they r that person ,, and put all what in your mind here

Once you take vBulletin off your server, it is far harder to brake into.

Link to comment
Share on other sites

Also, turn off all front page extensions, update your SSL and if possible, add a package like Suosin to harden your PHP. Good luck. Your SSL has had 3 updates since 2007 and is vulnerable to attacks.

Link to comment
Share on other sites

Exploits are released daily that are aimed at forums. Generally speaking as long as you use a reputable forum and keep your forum version up to date you'll be ok!

Its not always just the forum software that is an issue. Your PHP configuation, version, etc paly a roll in this. Any server addons and software, including the OS your running. Really when it comes down to it, the internet is a crap shoot of how long it will be before someone gets into your website.

Link to comment
Share on other sites

You are in grave danger young apprentice. For there is a force much greater than you that wants noting more to take down you site for lulz.

please i wanna fight .. just guide me

to say something like that it mean ..... it is eaaaaaaaaaasy so easy ... but i cant get it ..

Once you take vBulletin off your server, it is far harder to brake into.

i like your posts .. there r always short ... mean alot ...

but for me can u make it long

and can u tell me why not VB ?? give me the weakness .. i will patch them

Your SSL has had 3 updates since 2007 and is vulnerable to attacks.

i will ,, but cant anyone hack the last version ( not proffessional )

Exploits are released daily that are aimed at forums. Generally speaking as long as you use a reputable forum and keep your forum version up to date you'll be ok!

but i read that this version is one of the most stable ones ,, Vista is not nessessary more secure than XP ,, im i right ? or if u know something about this version in particular just let me know .. please

Its not always just the forum software that is an issue. Your PHP configuation, version, etc paly a roll in this. Any server addons and software, including the OS your running. Really when it comes down to it, the internet is a crap shoot of how long it will be before someone gets into your website.

u want to make harder ..

>>>>

in general im thankful to all of u

but teaching me how to fish , better tha giving me the one fish

Link to comment
Share on other sites

Perhaps teaching someone how to fish is better than giving them a single fish.

Perhaps telling someone how to break a particular server using step by step instructions is akin to supplying the lonesome fish when compared to the hint that a little research on one's own will provide much more fruitful results (or fishful, maybe?).

Link to comment
Share on other sites

maybe you should take all the services that you have running and just do a little research on how to exploit the services, that way when someone does decide to show you step by step then you will be able to understand it more clearly and that way youll know why and how to patch up your system...Well thats just a thought, use it, dont use, the choice is yours

Link to comment
Share on other sites

by the way ,, im a medical student ,, so i dont have that much time to " research on how to exploit the services "

and at the same time that server took alot form my pocket ,, i cant hire someone so to do the" penetration test "

im not asking anyone to do the " homework " for me ,, im just looking for the shortest way to know how someone can attack that particular server ,, and how can i "defend "

but that SANS seems great ( if it is free ,, & on spare times)

Link to comment
Share on other sites

im just looking for the shortest way to know how someone can attack that particular server ,, and how can i "defend"

Um, in my previosu post I mentiond to secure it, you should:

turn off all front page extensions, update your SSL and if possible, add a package like Suosin to harden your PHP. Good luck. Your SSL has had 3 updates since 2007 and is vulnerable to attacks.

So, if you want somethign to look for to exploit, search for:

front page extensions, SSL and PHP.

Your SSL has had 3 updates since 2007 and is vulnerable to attacks.

Im not sure how much more clear people can be. You know the software on the server, search for its version and any bugs it may have. No one here is going to hack you server for you, we don't even know if it is your server you are talking about.

Link to comment
Share on other sites

digib >>> i appreciaite what us wrote ,, & im on it .. but u seem so angry ,,

anyway ... i will search for the exploits ,, then will inform u what i got

No anger intended. :) Just trying to make sure you understand the threats are real and you need to patch it if possible.

Link to comment
Share on other sites

Just updated all those services, and keep them up to date. Sorry, but I am very skeptical when people come here and say "Hoi Guys! So.... I got like a home server that I want to hack"

The way i learned some of my penetration skills was with DVM, damn vulnerable linux, it is really a big help and a great teaching tool.. not a distro i would boot into though

Link to comment
Share on other sites

DingleBerries , i owe u alot ,, actually to all of u

i will get that DVM , but now i've found some exploits specially to that VB ,,

i understand now this

Exploits are released daily that are aimed at forums

as soon as i get the results of my training ,, it will be posted here ,, thanx again D.B

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...