Published Date: 2020/02/12 by: DaVieS

Warning! Seems like webdevelopment went crazy!
If you would like to avoid any hacking or destructive operations by attackers see below, you may found this little article interesting.

To recover your lost Database and avoid leaking it: Send us 0.06 Bitcoin (BTC) to our Bitcoin address 1Mo24VYuZfZrDHw7GaGr8B6iZTMe8JbWw8 and contact us by Email with your Server IP or Domain name and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your Database is downloaded and backed up on our servers. Backups that we have right now: plife_geniza, plife_shop, plife_crm . If we dont receive your payment in the next 10 Days, we will make your database public or use them otherwise.

So what to do? - We help that.

How did they hacked me...

The most common attack methods are:

.env files (Laravel) may contains your database passwords and any sensitive data, this file should not been used by Laravel this is simply irresponsibility since PHP was born all passwords are must be stored in PHP files.
.git files, this is a Git Repository if this available to attackers they could grab your source code including passwords.
.ini files sometimes a beginner PHP programmers uses .INI files to store passwords
.db / .sqlite We discovered many SQlite database available in websites that contains passwords or any sensitive datas.
User-Agent XSS: if your website tracking User-Agent or any header sent to the server and if you can see them like in admin-area you should 'escaping' against < > html codes, because if you dont a well crafted query could lead to hijacking your session.
You didn't use SSL.
You are using wordpress

Prevention!

Prevention is always the best solution, here are some steps:

Make sure the Database Server is unreachable from internet.
Disable some paths / extensions in your webserver config
- .git
- .env (Laravel uses it, no clue how do they think this...)
- .ini
- .db
- .sqlite
Make a regular backups and upgrade your server periodically.

If you like the article then don't forget to share!

bhyve webadmin, web control panel

FreeBSD uses bhyve as hypervisor! So.. no questions we are using FreeBSD for web, mailing, devel, for everything.Now we would like to drop KVM /..

Side Quest, BVCP WebUI for FreeBSD Bhyve

Okay, so we are in middle to upgrade and realign our infrastructure and happened days ago with a random facebook talk, someone hinted FreeBSD..

Corrupted innoDB on linux ext4, data recovery

I could say I saw a everthing but not, here is the case: There is a VM Host with ZFS Storage, direct attached, and there is a Linux VPS with ext4..

FreeBSD 13 Just Released

FreeBSD The best operating system for serve WEB and FTP has just announced yesterday, that the newest version is ready for production. One of the..

MVCP 2.0 is our biggest thing ever

We promised to be released back in 2020 but COVID make us busy too.MVCP is our "Webhosting" packed into a single appliance top on the WORLD..

What is R3 as Certificate Issuer?

Don't panic, it is still Let's Encrypt. Let's Encrypt is a free SSL Certificate provider, issuing certificates automatically but only for 3..

Happy New Year, 2021

Thank you, we are happy to see you here again! nPulse.net site and it's services are performed better by more than 50% overall in 2020 compared..

Seems Google have serious problems with gmail.com

It started about a week ago, gmail.com started an agressive rate limiting (DEFER), seems gmail.com have serious problems regarding to all of our..

System Upgrade, PHP 8.0 Failures

So today we had a little downtime partially due to security upgrades, and major version upgrades.nPulse.net is linked to many services, most of..

PayPal going to support crypto currencies

According to the latest news we can confirm that PayPal has entered the cryptocurrency market allowing for their customers to buy and sell..

Secure your webserver

How did they hacked me...

Prevention!

Credits and Partners