Home | Help | Angelfire Team Blog

« June 2004 »
S M T W T F S
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30

You are not logged in. Log in
Blog Tools
Edit your Blog
Build a Blog
RSS Feed
View Profile
Open Community
Post to this Blog
Entries by Topic
All topics  «
CGI scripts
FrontPage
HTML Questions
Image Questions
Jokes & Fun
News

Helpful Links
Angelfire Home
Register Your Domain
Angelfire's Twitter
Angelfire's Facebook

Angelfire Club Blog
Need assistance and ideas from fellow Angelfire members to help build and manage your website? You've come to the right place!
To join this Community Blog, you must be an Angelfire member. Just click the "Join this Community" link, and start posting immediately.

Hint: When posting, select a topic that most relates to your question. (News, FrontPage, HTML Questions, etc...) This will help to keep the blog organized for everyone.

View Latest Entries

Thursday, 3 June 2004
angelfire hacked
Mood:  don't ask
Now Playing: hacked
Topic: News
Hello angelfire users..
I am posting due to malicious cracking that has been goin on with one of my sites..(not current account bloggin under) anyway.. has anyone else had problems with their site being hacked? I have bravenet and it logged the ip that cracked the webshell, the url is different though, looking like https://www.angelfire.lycos.com/cgi-auth/webshell?currentDir=&breadCRUMB=1
instead of ending in just webshell.. has anyone been compromised like this? if not.. KNOW that there is a gaping security hole in angelfire.. back up your sh1t before it gets whiped...help if you can.
thank you


Posted by goth2/araboth at 6:50 AM EDT | Post Comment | View Comments (2) | Permalink | Share This Post

Comments Page

Thursday, 3 June 2004 - 7:13 AM EDT

Name: jrp34

What site are you currently having problems with? If you email me at jrp34 lycos.com, I would be happy to work with you there. If your site was cracked, we should be able to do something about it.

I'm not sure what you mean by webshell though. The URL that you print is a fine one for the WS. We sometimes add extra query parameters to keep track of you, but that's nothing new. It depends on what links you travel to get there.

Please reply here or email me with more specific information (including why you believe your site was cracked) and I'll help you deal with it if I can. If you believe that you have found a general security bug and you can reproduce it yourself, please definately let me know that immediately and that will get first attention.

JP

Reply to this Comment

Tuesday, 8 June 2004 - 11:28 AM EDT

Name: goth2/araboth

The link I posted jrp34 is the log that shows up in my bravenet counter stats page, as the person that last logged into the angelfire webshell and deleted everything i had. it has happened again as well with the same address and ip address.. my ISP will do NOTHING about it, even though the ip is clearly of their service and from a nearby city.. but I will email you.thanks for the reply.
j

Reply to this Comment
Comments Page
View Latest Entries