To whoever hacked into my Database
Νίκος Αλεξόπουλος
nikos.gr33k at gmail.com
Sat Nov 9 01:16:18 EST 2013
Στις 9/11/2013 7:54 πμ, ο/η Νίκος Αλεξόπουλος έγραψε:
> Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε:
>> Okey let the hacker try again to mess with my database!!!
>>
>> He is done it twice, lets see if he will make it again!
>>
>> I'am waiting!
>
>
> I have to congratulate the hacher because as it seems s/he's done it again.
>
> S/he's manages to actually pass fake filename values inside my db even
> after my changes:
>
> here is prrof: http://superhost.gr/?show=stats
>
> Now i need to hit my head into the wall until i understand how this thing
Here is the link proof of the hack because now i have deleted this bogus
entries: http://i.imgur.com/eqahBMj.png
Perhaps these '../../' attempts were actually an attempt to try reading
sensitive server's data from within'/etc' so to gain root in my system.
Last night i have made some changes to the way i validate user input but
as it seems the new scenario didn't work efficiently.
I just re-altered something and i'm curious if this can happen once again.
More information about the Python-list
mailing list