Page 1 of 1

newbie quest

PostPosted: Tue Apr 22, 2008 6:42 am
by Implausible
Hi, heaven knows if I chose the correct thread, but I think this is going to be down to javascript. I have been asked by two men who have been hacked and had various other problems to try and sort out their sites. Looking at the problems (-redacted-) it seems to me that anybody could login and change the pages if they knew how - right? Their domain registration has also been altered but I don't know how. I'm just trying to recover their website and domain name for them, so I need some help.

These guys don't have any working emails, logins, passwords or registration details whatsoever, so I'm on my own. Sigh.

Would it be possible, in theory, to recover their login from the javascript forums on the server, or are they completely scrambled. Is there anything that can be done, other than demanding the website be deleted off the server? Their web host is useless and unhelpful, and the site wasn't even created by the same person who is supposed to be running it.

help please!

Re: newbie quest

PostPosted: Mon Jun 09, 2008 7:02 pm
by Ubagluba
wow you can even download the scripting for the site....kinda sad, i prolly have the least experience or knowledge in hackthissite and i could break the site you're talking about

Re: newbie quest

PostPosted: Wed Jun 11, 2008 8:26 pm
by droptable
The security of you or your friends website is not the responsibility of the web host. JavaScript validation is useless without preforming the same validation server-side. Never trust the client.

Re: newbie quest

PostPosted: Wed Jul 23, 2008 5:56 am
by cplusplushacker
another question, i thought newbie quest would be the right thread... however:

I have two mega newbie questions: :oops:

1. How can you find out the name and the relativ path of the page you are browsing on? - often the path is hidden, but there has to be any possibility to find it out, correct? for instance often you see just kind of following path: http://www.root.org/dir1/sites

2. How is it possible to get a list of files and directories you are browsing in (like the UNIX command ls...), and respectively what are the tricks to find hidden files on the server. How is searching for hidden files and pathes on servers called? (It's hard to google for lecture, if you don't even know what you are searching for...)

Hoping for answer :shock: