Well I found one of my sites hacked tonight. The config.php file had been overwritten with "
Hacked by CyberLord
". What I'm trying to figure out is the extent and type of the attack. From the looks of it, it was a scripted attack. Nothing else was hit but that one, very common, file. So at first it seems like a harmless, non-personal attack.
But, the site is entirely coded by me, and there is no part of it that could lead to someone overwriting a file. For that there'd need to be some file writing mechanism or something that uses system commands, of which there are none. Now I do have WordPress installed, related to that site, but it is in a different directory. How could a script have gone from that directory to the other? And why were no other config files touched? I've got a beta version of that site setup in another directory with the exact same layout of files, but it's untouched.
One small mistake on my part is that the config.php file had 777 file permissions (rsync problem). Perhaps that has something to do with it. If the script searched for all config files and tried to overwrite them this would be the only config file it could have overwritten.
In any case, I highly suspect WordPress being the culprit. Does anyone have any info on vulnerabilities in WordPress? I installed it about a month ago. Or any info in general about what may have caused this.
"Your WebSite died because it wasn't pretty enough."
Looks like he's been a busy fellow:
link
Pete
It was for a good cause though. 
One of the Google entries said Cyberlord was here for Islam. His religion told him to hack a website? Cool...
Which site was that? I'd like to take a look, if you don't mind. Is the config file the only one with 777 privileges?
Probably some retard 13 year old using on old hole and a tool.
Is register globals on? If so, Wordpress is vulnerable to bad cookies.
if PhpBB is used, theres all sorts of bugs that let people replace index files with messages. Lots of PHP software is like that for somereason. Can't quite fathom why 
ML: Yes, I believe it is ON for WordPress. I disable it on my custom sites, but I don't have a global htaccess installed yet for every site. What kind of vulnerability is that? Does it apply to a month old version and allow the execution of shell commands?
Actually most of them say something about Islam... Your website must be a victim of the jihad. 
ML: Thank you for the link. I stopped keeping up on BugTraq a long time ago. Too much work.
Me too, I just typed "Wordpress exploit" in google. (And pressed the search button.)
You could also press enter.
In fact, google suggests that 
(And pressed the search button.)
Genius!
I always get stuck with submit buttons.
I only use the feeling lucky button, I'm just that good.
I never use the "im feeling lucky button". I dont even understand the point of it really. Are people so lazy they cant be bothered to click "search" and then click on the first link? I like to see all my options( at least the first page ) before clicking on something.
Are people so lazy they cant be bothered to click "search" and then click on the first link?
Just asking such questions shows you don't know how lazy people can get. 
If I want to feel lucky, I enter my search term into Firefox's address bar and let FF do the dirty work for me. I'm just that much better than you.
I only use the im feeling lucky feature in konqueror. typing a couple words into (or sometimes a non url) the address bar goes to I'm Feeling Lucky. so it has its uses, sometimes. though that feature doesn't work all that well anymore.
For the longest time I thought the "I'm feeling lucky" button was some sort of advert, and never clicked it. I figured it was some gambling-related site or something
I use I'm Feeling Lucky if I know which site I want to go to, but not the domain/URL of it... It just means less clicking and waiting.
Though, the only problem with IFL is if the websites' popularity changes...
For the longest time I thought the "I'm feeling lucky" button was some sort of advert, and never clicked it. I figured it was some gambling-related site or something
So did I.
This is why I try things
Many people ask me how I know so much (which I admit isn't much at all) about things like Office and what not, and all I can say is its because I explore the interface and see what things do. Then theres the people who are afraid of hitting buttons as if its going to blow up their house. Somewhat like you guys
I'm kind of like Tomasu. A lot of times I click stuff just for the hell of it.
its because I explore the interface and see what things do
I was very surprised when I learned that most people don't do this.
Oh, I try plenty. I remember the good old days of me hitting every single configuration option in Windows 98. Taught me a lot about how computers work. Nowadays I try things in my areas of expertise, but try to get help on other issues. Which is why I bug my contacts for sysadmin help
Most people only look at the center of the screen. That's why I like the <marquee> tag so much.