cotonti.com : Security Flaw-- sites been hacked

cotonti.com : Security Flaw-- sites been hacked https://www.cotonti.com Последние сообщения в теме Cotonti en Sat, 15 Nov 2025 05:50:52 -0000 duck101
I was talking to another person about this and he made a good point.
It's very possibile that someone could have used a tracking cookie to get access to my passwords. Anyways I think you guys are right in that the problem doesn't lie with cotonti, but it still does seem weird that it happened so soon after I updated to the latest version.

Anyways thanks for all of your help, I have a backup and hopefully will come out with minimal damage.]]> пн, 14 дек 2009 09:34:00 -0000 Kilandor
There really isn't much more security advantages if your doing that. The "hack" is gaining more than just access to cotonti. They are gaining access to your SQL and files (as far as I could tell) cause it seemed they did htaccess redirect all pages to their "hack" page. And it sounded like they wiped all the sql.

So again its far more likely they gained access to your web panel. So far these hacks have only happend in the PSP community, which i'm willing to guess they all also are still using 000webhost

You still have not answered who you are hosted through.]]> сб, 12 дек 2009 16:06:59 -0000 5uper Mario sad

Seems like a ton of PSP-Related sites are being taken out....
...
kinda a good thing if you think about it hahaha

# Kilandor : This is the same "hack" as on the other psp site. I"m sure this is nothing Cotonti related or else this would have been the very first site hacked.

By the looks of it they gained access to cpanel/ftp, or something of the sort. You should see about accessing your raw logs changing passwords etc.

Who are you really hosted through?

Yea, that's what I said. Why "hack" a small site when there are bigger sites?
And this goes back to when someone "hacked" newb - which is Seditio
Believe me, PDC is a MUCH bigger site, with 10 times the # of banned people. They run Seditio. Only time people "thought" someone hacked is when the administrator played a prank. It is a much more hated site, yet they still remain?

000webhost]]> сб, 12 дек 2009 14:01:16 -0000 duck101
That's why this is such a weird situation, as no one would be able to have lucky guesses on that many passwords.

that's why I have no idea how it happened.

I recently (a few days before the hack updated to the latest version of cotonti) which leads me to suspect a possible security problem with cotonti.]]> сб, 12 дек 2009 11:47:17 -0000 Kilandor
If you give admin panel access they basicly usually have full admin access you can't limit it. Giving admin on a forum section only allows them to do forum moderation nothing more, the same for pages]]> сб, 12 дек 2009 08:11:11 -0000 duck101
The only other possiblity is by one of my own mods which I trust very much.

so is there anyway that someone can somehow access a forum sectin set to only admin's and mod's if they aren't]]> сб, 12 дек 2009 06:50:49 -0000 young mone сб, 12 дек 2009 00:49:34 -0000 Kilandor
By the looks of it they gained access to cpanel/ftp, or something of the sort. You should see about accessing your raw logs changing passwords etc.

Who are you really hosted through?]]> пт, 11 дек 2009 15:51:12 -0000 duck101
BTW site should be on the left or go here

Edit: SQL has been completely deleted. how is this possible that they got ahold of the my sql and all the passwords for the site ???????]]> пт, 11 дек 2009 08:09:16 -0000