Questions tagged [hacking]

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Some of the most common ways security may be compromised include:

Social engineering, in which a person is persuaded to give up sensitive information such as passwords
Exploiting unpatched or not generally known (0-day) security holes in software
Brute force, that is, trying common usernames and passwords repeatedly until something works

Less commonly, hacking refers to the uncommonly creative solution of a software or hardware problem. Some see this original definition as the correct one and wish to preserve it, though they seem to be fighting a losing battle.

Detailed security questions and answers which do not fit at Server Fault may be welcome at IT Security Stack Exchange.

479 questions

votes

4 answers

How do I secure my Asterisk server?

Our asterisk server was compromised. some calls were made to Asia countries last weekend. Thought we have improved our network configuration, we still want to determine how the intrusion was done, we think there are clues in our asterisk log…

asked Oct 09 '12 at 20:21

SDReyes

votes

1 answer

code injection, some sort of hack?

something seems to have either hacked a webserver, or we have some sort of semi-malicious code running that keeps injecting code into our website. it seems to affect just a couple of coldfusion and html file. we've run malwarebytes, spybot, and AVG…

html web-server hacking coldfusion

asked Aug 09 '12 at 13:18

user44650

votes

0 answers

Server hacked - want to run an rsync backup in reverse. Will this work?

Possible Duplicate: My server's been hacked EMERGENCY My user account on a shared hosting server got hacked and overwrote every PHP with this at the bottom.... eval(gzuncompress(base64_decode( etc etc Luckily I think I know the script that was…

backup rsync restore hacking

asked Nov 17 '11 at 11:59

firefusion

votes

2 answers

Security Flaw - Report it?

This may be a community wiki, I'm not sure. Imagine a scenario where you discover a security flaw in a company's website while browsing the web. Something involving a change to URL parameters that releases information to you that you otherwise…

hacking security

asked Jun 07 '11 at 13:56

Kyle Smith

9,683
1
31
32

votes

2 answers

What can I do with an IP address of a visitor that tried to access a shell exploit that was planted on my system?

My website was exploited (don't worry about how) and the result was there were several WebShells installed in various locations. The exact web shell is just like the one listed in this question here on StackOverflow. I deleted the shell file,…

ip hacking

asked May 19 '11 at 20:39

Mike Atlas

votes

6 answers

How did they hack my Wordpress sites

I have many wordpress sites hosted in a Bluehost shared hosting environment. Recently when I searched one of the sites in Google, it said "The site might be compromised". I got alerts from Google Webmaster about a script in one of the WP…

wordpress hacking

asked Apr 16 '11 at 16:57

Sam Alex

votes

6 answers

Is WEP used in conjunction with a wireless access list adequate security?

I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I…

security hacking wpa wifi

asked May 01 '09 at 12:25

LeopardSkinPillBoxHat

votes

5 answers

Why is my port 25 so active?

Using netstat -na I notice that I have a lot of connections like tcp 0 0 XXX.XXX.XXX.XXX:25 YYY.YYY.YYY.YYY:13933 ESTABLISHED tcp 0 0 XXX.XXX.XXX.XXX:25 ZZZ.ZZZ.ZZZ.ZZZ:9528 ESTABLISHED Those are to…

firewall smtp hacking intrusion-detection

asked Jul 18 '10 at 18:17

user48058

votes

4 answers

Site Hacked Using ?cmd=ls

A Joomla site I'm running was hacked the other day. The hacker dropped some files into the tmp directory and was running an HTTP Daemon there somehow (at least that's what my host told me). At any rate, I've been trying to clean up the files they…

security hacking joomla

asked Jul 06 '10 at 18:51

ggutenberg

votes

2 answers

code injected inside PHP file with 777 permission

I woke up to find that all the folders in my shared-web-host with 777 permission had two new php file. The code inside the file could not be read - here is the decoded version: http://pastie.org/779226 (what the...?) That code was injected even…

linux security php hacking

asked Jan 24 '10 at 04:24

coder_

votes

2 answers

Email smtp credentials keep getting compromised every now and then (laravel 7)

Just as the title says, we have a website that uses third party smtp credentials to send emails, but, we keep getting our smtp credentials hacked and used to send spams emails, which results in our smtp account suspension, we first used ses, and…

security smtp hacking laravel

asked Nov 03 '20 at 14:37

logax

votes

3 answers

What criteria do you use to determine if someone is hammering your server?

When you go through your logs, what criteria do you use to determine if it's you (ie: you need to beef up your server/s) or them (ie: they're verging on a DoS)? How many connections/second would you consider reasonable, and why? Do you have some…

log-files hacking denial-of-service

asked May 18 '09 at 16:09

username

4,755
19
55
78

votes

1 answer

Catch backslashes, single and double quotes in GET requests

According to this SQL Injection Basics article: <…> the operations mostly used for breaking\fuzzing the SQL query’s are. ' Single quote " Double Quote \ Backslash (MySQL Escape character) There also are hex-encoded characters (e.g. 0x3a3a)…

nginx security hacking

asked Sep 07 '18 at 09:43

ᴍᴇʜᴏᴠ

votes

2 answers

How can I keep one hacked website on my server from compromising the other websites?

I'm a teaching assistant in software security and running a server that is vulnerable by design. It's an nginx server, and it has 40 ports open. Each port serves a web application, and all the web applications are very vulnerable to hacking. If one…

nginx permissions hacking www-data

asked Jan 15 '18 at 08:14

Magnus

votes

2 answers

How do you get Google to update the index of your site after recovering from a hack?

I have a website that I took over as webmaster. It was in WordPress and was hacked and had thousands of SPAM pages injected to the website. These pages were indexed by Google and in the end had the message "This site may be hacked" against search…

spam hacking google search google-webmaster-tools

asked Oct 08 '17 at 17:29

Denver Chiwakira

Prev 1 2 3

…

31 32 Next