To whoever hacked into my Database

Νίκος Αλεξόπουλος nikos.gr33k at gmail.com
Sat Nov 9 07:16:18 CET 2013


Στις 9/11/2013 7:54 πμ, ο/η Νίκος Αλεξόπουλος έγραψε:
> Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε:
>> Okey let the hacker try again to mess with my database!!!
>>
>> He is done it twice, lets see if he will make it again!
>>
>> I'am waiting!
>
>
> I have to congratulate the hacher because as it seems s/he's done it again.
>
> S/he's manages to actually pass fake filename values inside my db even
> after my changes:
>
> here is prrof:   http://superhost.gr/?show=stats
>
> Now i need to hit my head into the wall until i understand how this thing


Here is the link proof of the hack because now i have deleted this bogus 
entries:   http://i.imgur.com/eqahBMj.png

Perhaps these '../../' attempts were actually an attempt to try reading 
sensitive server's data from within'/etc' so to gain root in my system.


Last night i have made some changes to the way i validate user input but 
as it seems the new scenario didn't work efficiently.

I just re-altered something and i'm curious if this can happen once again.




More information about the Python-list mailing list