Has anyone seen rcelectro.com? It's hacked

Started by gbisht, February 11, 2012, 11:47:55 PM


gbisht

Hi,

Has anyone seen www.rcelectro.com? It's hacked by some Pakistani calling himself "Shadow008 & H4x0rL1f3".

What's wrong with them?
HSP 1/10 Nitro Tyrannosaurus Off-Road Truck
Thunder Tiger 1/10 SSK V2 Nitro Truck with Radio
HK-300 3 Channel 2.4ghz FHSS Ground Radio
Turnigy 9x 8-Channel
HK-250GT

Dharmik

It's probably SQL injection, nothing else, and they are calling them hackers. Vivek sir needs to change that script.

gbisht

Dharmik.....I think they forget what they are......

Vivek Sir.....live ur site soon...with better script..... :thumbsup:

VC

Some sick jerk - V.K. will resurrect the site in no time at all.

Bet my derriere that this hacker is not from either Pakistan or Bangladesh. ;D
Growing old is mandatory, growing up is optional!

Dharmik

As I remember, this is the 2nd time this has happened to rcelectro. I have been dealing with such attacks since 2007, even the worst, when someone gained access to the directory using a shell script and uploaded a whole phishing site of one airline company. Nothing over the internet is 100% secure, but it seems that the script has lots of security holes.

RcBazaar


KALYANPRODHAN

Hey,
Sequence of PHP and html has been changed by the hacker in Apache service (?) or the DB content has been added. However if you want the site,
Just go to
http://www.rcelectro.com/index.php

And
Don't enter with username and passcode. Just browse.
As, the DB needs to be corrected(?).


Thanks
We have to unite and to prove ourself to make indigenous products as well as marketing / Canvasing them. I'm sure we must achieve success if we try unitedly.

anandp


H-energy

I've been to some RC website hacked by some Freedom Pakistani too.
I don't know what they can do with hacking to free their country.
HE-6000MAH 7.4V/11.1V 60C LiPo battery
HE 8000mAh 7.4V/11.1V 30C LiPo battery

IS NOW ON SALE!

anandp

@H-energy - i am not sure if they do it or not

but +1 what you said :)

KALYANPRODHAN

Most time the declared persons don't do that.
And even trying to a smallest RC Store, Next to impossible.
Again to the popularity & Alexa ranked like this, I don't believe.

But as he is damaging some LHS's high profit business from his dedication to RC, he is the prime target to them. So, they can post in the hacker's forum to ask for hacking for security vulnerability, as owner of the Site (Assuming the culprit cannot do this). So, it may happen again from any other loophole, I assume.

But, Vivek, please don't put too much concentration into hack-proofing the site instead of RC.

And I request you to write in your homepage that
"Small site dedicated to RC for supplying the RC items cheaper than other. It may be easily hacked, but please don't do that as hacking this site, poor RC enthusiasts will not get the items cheaper." - Vivek Kumar Singh

or as something as you wish, so that other will not invite hacker claiming ownership of your site. Side by side the hackers will not do the changes to a weak site as they want reputation of their work.

It's a simple solution and no hacker even the student won't do that where they are well informed.

It's my personal opinion. You may differ.
:hatsoff: RCBazaar, pointing at right time.
:hatsoff: About your selection, RapidSSL, the most trusted Scripting Host among Hackers/Crackers community over a decade.

-KalyanProdhan

Dharmik

I completely agree with Kalyan sir. Anyone can easily get into it, but it could be a serious matter because a hacker can misuse information of registered customers fetched from the database. I am just worried about that; otherwise the site can be restored from backup.

anwar

A lot of issues can be avoided if the appropriate security patches and upgrades for the cart software (Zen Cart, osCommerce etc.) are applied in time. Some of these are notorious for having security issues, and keeping up with their security patch release schedule is a must. Proper configuration of PHP settings (php.ini) and web server folder permissions are also a must.

Despite all this, there are still holes that are currently unknown to the general public (called "zero day vulnerabilities"), and no site can be considered foolproof. But we have to do our part, so that the "script kiddies" can be kept out, and only "true hackers" can do the damage.
Hangar : Please see my introduction.
RC India forum and me : About this forum.
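
An added example, not part of any post in this thread: a small check for the web server folder permissions mentioned above and for the uploaded-script case described earlier in the thread. It lists world-writable directories under a web root and PHP files that are world-writable or sit inside such a directory. The function name `audit_webroot` and the path in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: audit a web root for loose permissions.
# Usage (placeholder path): audit_webroot /var/www/shop
# Exit status: 0 = clean, 1 = findings printed, 2 = bad argument.

audit_webroot() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    findings=$(
        # Directories that any local account can write into.
        find "$root" -type d -perm -0002 \
            -exec printf 'WORLD_WRITABLE_DIR %s\n' {} \;

        # PHP-executable files: flag them when the file itself is
        # world-writable, or when its parent directory is (a script that
        # anyone could have dropped there or can replace).
        find "$root" -type f \
            \( -name '*.php' -o -name '*.phtml' -o -name '*.php5' \) \
            -exec sh -c '
                for f in "$@"; do
                    d=$(dirname "$f")
                    if [ -n "$(find "$f" -prune -perm -0002)" ]; then
                        printf "WORLD_WRITABLE_SCRIPT %s\n" "$f"
                    fi
                    if [ -n "$(find "$d" -prune -perm -0002)" ]; then
                        printf "SCRIPT_IN_WRITABLE_DIR %s\n" "$f"
                    fi
                done' sh {} +
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings" | sort
    return 1
}
```
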

anwar


raja2k5


rcpilotacro

this is what i saw today, cute
Gusty's Hangar and Introduction.

A Good pilot will practice until he gets it right,
A Great pilot will practice until he can't get it wrong.

satyagupta

SQL injection again. :banghead:

Vivek ji, add some security modules or components. Don't know much about Joomla.
one stop for multirotor needs:
www.quadkopters.com

http://www.facebook.com/QuadKopters
https://www.youtube.com/user/QuadKopters
https://www.instagram.com/quadkopters

raja_mastana

It's a major issue - question of customer privacy.
Not going to register there again. It's happening frequently with rcelectro.
God knows how the hacker will use the customer information, it's scary.
ALIGN 450 PRO DFC 6S Belt Driven | Polaris BEC | Nano-Tech 6S 1300mAH | Robird G31 | 325D Pro | TGY-306G HV | KST 515MG | K-Force 40A | NTM Rotor Drive 1700kv

Multiplex Easy Star 2 | Multiplex Mentor | Nissan 350Z Endless Tamiya TT-01D

satyagupta

So Raja, here is what you do: create a dummy email ID (I have this with inbox.com or live.com, with a random mail ID like :giggle:) and use this to register on every site or forum. This is what I usually do for most of the sites (which I think are unsafe and can be cracked).

raja_mastana

Good tip Satya, I have already done something like that, but eCommerce sites still have our valid phone number, address, name, age etc. Can't fake these values.

satyagupta

Ya man... :o this did not click for me. I hope his DB is fine, just files were affected :'(

iamahuman

On a side note, Gusty( hope you don't mind me calling you that), you're using IE? Why!?!

Is it just me or has VK's activity on RCI come down?
"Chuck Norris once overcharged a lipo. Thank him for the Sun."

SSC LCG Slash 4x4.
JQ THE eCar.

rcpilotacro

Quote from: iamahuman on September 04, 2012, 03:24:21 PM
a.Gusty( hope you don't mind me calling you that), b.you're using IE? Why!?!
a. not at all b. maintained by sys admin :) chrome at home , safari on mac

sandeepm

Fly high if you have good set of batteries.....!

iamahuman
