
f**ks sake

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: General Discussion
Forum Description: General discussion and chat on any topic.
URL: https://forums.webwiz.net/forum_posts.asp?TID=15701
Printed Date: 31 March 2026 at 11:59am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: f**ks sake
Posted By: Gullanian
Subject: f**ks sake
Date Posted: 02 July 2005 at 10:56pm
Some f***ing idiot has found a gap in my service and sent 6,000 messages.



Replies:
Posted By: Gullanian
Date Posted: 02 July 2005 at 11:16pm
Man this is really bad.

I did the site so I didn't need a retail job this summer, and to help fund my University fees.

Now someone has soaked up a majority of my profits, which I was going to invest in advertising, and unless I can get it back up and running successfully soon then I'm doomed to crappy jobs.

If I can get the IPs of this user, what can I do?  I have a feeling he is in the United States, and I want to hunt this guy down and bill him.


Posted By: Bluefrog
Date Posted: 02 July 2005 at 11:51pm
Ouch. Sorry to hear that.

You're probably out of luck for getting the money back, but you can try. Perhaps telephoning his ISP might help... Telephone the police in the area where the ISP is located/incorporated.

Not sure what you can do and actually get satisfaction...




-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: Gullanian
Date Posted: 02 July 2005 at 11:57pm
Well, I have weblogs to try and get his IP, but I've never analysed weblogs before.  Any free tools to do so?

I can look at who made 6,000 requests that day from the same IP and then take it from there.

I'm going to make every effort humanly possible to get this guy to pay.
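
Added example, not part of the original thread: a small script for the per-IP request count described in the post above. It assumes the server writes W3C extended logs (the format IIS uses); the /send.asp path, the addresses and the log lines are constructed placeholders, not values from this thread.

```python
from collections import defaultdict

def parse_w3c(lines):
    """Yield one dict per request, keyed by the most recent #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def heavy_clients(lines, path=None, threshold=1000):
    """Return [(date, ip, count, first_time, last_time)] at or above threshold."""
    stats = defaultdict(lambda: [0, None, None])
    for row in parse_w3c(lines):
        if path and row.get("cs-uri-stem", "").lower() != path.lower():
            continue  # only count hits on the endpoint being investigated
        t = row.get("time", "")
        entry = stats[(row.get("date", "?"), row.get("c-ip", "?"))]
        entry[0] += 1
        entry[1] = min(entry[1] or t, t)
        entry[2] = max(entry[2] or t, t)
    hits = [(d, ip, n, first, last)
            for (d, ip), (n, first, last) in stats.items() if n >= threshold]
    return sorted(hits, key=lambda h: -h[2])

def constructed_sample():
    """Constructed log lines: two ordinary clients plus one burst of 1,500 posts."""
    head = ["#Software: constructed sample, not data from the thread",
            "#Fields: date time c-ip cs-method cs-uri-stem sc-status"]
    normal = ["2005-07-02 19:58:03 192.0.2.10 GET /default.asp 200",
              "2005-07-02 20:15:41 192.0.2.10 POST /send.asp 200",
              "2005-07-02 21:02:17 198.51.100.7 POST /send.asp 200"]
    burst = [f"2005-07-02 20:{i // 60:02d}:{i % 60:02d} 203.0.113.5 POST /send.asp 200"
             for i in range(1500)]
    truncated = ["2005-07-02 21:30:00 203.0.113.5 POST"]  # cut-off row, ignored
    return head + normal + burst + truncated

if __name__ == "__main__":
    for hit in heavy_clients(constructed_sample(), path="/send.asp"):
        print(hit)
```

The first and last timestamps per address give the time window to quote when asking an ISP or network operator to check their own records.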


Posted By: dpyers
Date Posted: 03 July 2005 at 1:48am
http://directory.google.com/Top/Computers/Software/Internet/Site_Management/Log_Analysis/Freeware_and_Open_Source/

A lot of people use AWstats. Although all of them should enable you to view traffic by most frequent referrer.

Edit: Are you still hosting with GH? IIRC, they had a stats tool that could handle this.

Edit 2: You might want to change your profile here. The www button is still set to iaxx.com


-------------

Lead me not into temptation... I know the short cut, follow me.


Posted By: the boss
Date Posted: 03 July 2005 at 4:06am
sorry to hear that.. but u cant really blame someone taking advantage of loop holes, security bugs.. a lesson learnt..be careful next time..

-------------
http://www.web2messenger.com/theboss


Posted By: Gullanian
Date Posted: 03 July 2005 at 9:14am
Of course I can blame someone for doing that!  It's illegal and a felony in the US.

Ok, so if they saw it and sent a few texts, fine, I can deal with that, but he sent 6,000 that contained no data in a matter of hours.  He achieved this by breaking into my account somehow.

I'm going to find him.


Posted By: michael
Date Posted: 04 July 2005 at 9:45am
Good luck man, that really sucks.

-------------
http://baumannphoto.com - Blog | http://mpgtracker.com - MPG Tracker


Posted By: zMaestro
Date Posted: 09 July 2005 at 5:42am
I'm so sorry to hear this, will you be charged for these 6000 messages?


Posted By: Phat
Date Posted: 09 July 2005 at 6:11am
Damn! Do you know how he did it? Curious to make sure none of my sites have holes in them.


-------------
http://buildit.sitesell.com/sitebuildithome.html - Get a website that sells


Posted By: zMaestro
Date Posted: 09 July 2005 at 6:49am
Damn! Do you know how he did it? Curious, maybe I can send some too.


Posted By: theSCIENTIST
Date Posted: 09 July 2005 at 12:34pm
I'm also sorry to hear about it, someone got to your account? Could that have been due to a weak password? Or, are you storing it in clear text and he did hack the server and got it from there? Maybe stole your cookie?

Anyway, curious to know how. It will be difficult for you to make him pay, you have to have solid proof and have blood sucking lawyers ready, also advisers on this matter, it will be expensive and there are no guarantees you will succeed.

Have you secured your app against XSS and CSRF?

-------------
:: http://www.mylittlehost.com/ - www.mylittlehost.com


Posted By: Phat
Date Posted: 09 July 2005 at 11:56pm
Here is some info about the above:

http://www.squarefree.com/securitytips/web-developers.html


-------------
http://buildit.sitesell.com/sitebuildithome.html - Get a website that sells


Posted By: dfrancis
Date Posted: 10 July 2005 at 9:00am
Great phat... thanks.
 
I drilled down to the homepage (blog) and found a link to a log analyzer that might help in the investigation...
 
Analog
http://www.analog.cx/
 
 


Posted By: Gullanian
Date Posted: 11 July 2005 at 2:31am
Thanks for all your help guys.


Posted By: Bluefrog
Date Posted: 11 July 2005 at 10:00am
Originally posted by dfrancis:

Great phat... thanks.
 
I drilled down to the homepage (blog) and found a link to a log analyzer that might help in the investigation...
 
Analog
http://www.analog.cx/
 
 


Analog is very good and you'll get a lot of good info out of it. Start with the "BIG.cfg" file and customize it. You'll still likely need a text editor as well though for pinpointing things.

Cheers



-------------
http://renegademinds.com/ - Renegade Minds - Guitar Software | http://renegademinds.com/Default.aspx?tabid=65 - Slow Down Music


Posted By: pmormr
Date Posted: 13 July 2005 at 2:48am
Gullanian... do you have a way of telling from WHICH username the messages were sent???

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: Gullanian
Date Posted: 14 July 2005 at 2:31am
Not from a username, I keep counters.

An interesting development, I have his IP address now.  It's saying he is from Oxfordshire, which is the same country I am in.


Posted By: Gullanian
Date Posted: 14 July 2005 at 2:40am
An even more interesting development, it comes from my University.


Posted By: pmormr
Date Posted: 14 July 2005 at 2:41am
do a WHOIS lookup on the IP... contact his isp and request that they look at their logs at the time the messages were sent to see who was using that address. once you have a person... press charges (i love the law)

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: pmormr
Date Posted: 14 July 2005 at 2:41am
could it have been you by accident??

-------------
Paul A Morgan

http://www.pmorganphoto.com/


Posted By: Gullanian
Date Posted: 14 July 2005 at 2:47am
Ahhhh grrr I'm wrong, the company sent me the complete wrong logs, what a pain, I thought I had it


