How Can I Save My 123flash chat site from being hacked?

Detailed explainations of errors/bugs. cause and fix (if any). also support for your problems here.
Post Reply
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

i'm an admin in a flash chat site named filchat and the link is http://host7110.123flashchat.com/filchat/ it started about 4weeks ago when we started loosing the rooms and accounts....some people takes control of the admin panel and also room settings...it's still same. The stuff is going crazy now...we make accounts and withing few hours hackers delete them...they even over write the existing id's of admins and kick people...can u tell what to do to get rid of them?

FYI: i'm new at your forum. i found u by googling the solution of the problem...so if i posted wrong place or section and if my info's r not sufficient plz ask me what more details u need....and plz help me if u can...that would be so kind.
User avatar
KEN
Special
Special
Posts: 751
Joined: Thu Jan 28, 2010 8:11 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by KEN »

I talked to some admin on the chat and he told me that no admin there knows anything..No matter what you will get hacked again and again until you or the admins understand how the admin panel works..you password was not even hidden in the html page..anyone can right click > show page source and find the admin pass.
How you can save the site from being hacked?
teach the admins some basic things or make someone else admin.
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

yah most of them don't know anything...actually admin panel is nothing much but about room setting,announcement,and making promotions of moderators....that's what in the panel we see....how to disappear the html source codes and passwords?...also any suggestion u can give us as in "what to do"....we don't understand much about programing stuff so you can guess how poor our knowledge on this matter :-|
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: How Can I Save My 123flash chat site from being hacked?

Post by Sethioz »

uh that chatroom looks like a big mess. i loaded it and some music started playing and it was too annoying. so i never checked further.
judging by URL, it uses some freehosting, which is pretty much fail on its own. meaning you have no access to logs to see wtf is going on and how they do it.
it is nearly impossible to fix something, if you can't get access to log files and see what was exploited.

however if thats true what Ken said, that you can see passwords from page source, then it must be some custom coding badly made. i don't think that 123 flashchat originally supports any of this.

read this topic, it might give you some ideas how it has been hacked:
http://sethioz.com/forum/viewtopic.php?f=47&t=464

my suggestion, reinstall it and do not modify anything that isnt meant for modifying, change only basics, like usernames, theme ..etc and nothing else. also make sure that you have latest 123flashchat installed, not some previous shit version with bugs in it.
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

this is an original flash site...we pay for it...owners never thought it will get hacked by the rivals becoz it was free for all and only for fun...so they r not aware of the security stuff...and not even me...don't understand much of this codes url or what ever u say...so u know how worst it is for us... :-(
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: How Can I Save My 123flash chat site from being hacked?

Post by Sethioz »

you pay for this piece of shit ?? do you have access to all the logs and files, because if not, there's nothing you can do.
only solution is to get your own hosting, download the chat system and upload it there, configure it and then you have full control over it.
for example from logs you can see what exactly attacker used to exploit the chat system and then you can "plug" the hole or ban their IP (if its static). some country ISPs only give out static IPs, so in that case IP ban would work probably.

however in some cases, chatroom is just too full of holes, like "tufat flashchat". i did that to one admin myself, because he was looking for a fight. he wasn't complete idiot, so he tried to plug the holes i exploited, but simply chatroom was too full of holes which went too deep and couldn't be repaired without rewriting whole system. i haven't checked into 123flashchat myself, but i assume its same.

there's a reason why professionals use mIRC instead of some flash based stuff.
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

well sad but true we pay for that p.o.s :-P ....and u r also right we don't have any log...so we can not see history....and i am not sure how to get the software u r talking about or if it exist even....we have banning power with ip and the mac id...but they use different different source.....well we r following some instructions that KEN gave us...till now looking good....will keep updates here...and thanks man for the advices...hope you keep giving us advices...god bless!
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: How Can I Save My 123flash chat site from being hacked?

Post by Sethioz »

if you have no control over it, then there's not much you can do. i don't even understand why pay for it, while you can pay for proper hosting and upload whole thing yourself so you can fix these bugs.

what software are you referring to ?

and god ? god can kiss my ass and drop dead, anyway lets keep it in topic.
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

well i don't know why they pay for this....they took the hosting from 123flashchat....i don't pay for it...i'm just the friend of owner...so we were trying to fix the problem....we found out the rival site who is crushing us with all these... http://host71620.123flashchat.com/CCP/ this is our rival site....i wish to make the same damage to them too....any guideline for that? or maybe if anyone interested to try and burn them they r most welcome!!....as for now give me some guideline if i want to damage them same as they r doing....coz we banned few of them and they said they will explote us soon!! A direct threat to us :(
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: How Can I Save My 123flash chat site from being hacked?

Post by Sethioz »

as i said, you have to have more details. log files or such.

if you want to discuss 123flashchat exploiting / hacking, then use the other topic (one i linked). do not go offtopic.
User avatar
KEN
Special
Special
Posts: 751
Joined: Thu Jan 28, 2010 8:11 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by KEN »

King-Of_NaRnIA wrote:so we can not see history.
which history you talking about?
I was able to see all the msg history and stuff even of private rooms just by playing around with links :p
it seems that your chat owner messed with some wrong person and now he's paying for it..
still to save your chat from being hacked i would say to use mIRC chat instead of 123flashchat which i dont think will happen coz mIRC is not as easy as 123 and the owner looks total idiot anyways..
One more thing is you all have shitloads of admins..when i came there i myself met over 20 admins..and someone told me that there are around 50 admins..one on them might be doing that so ask the owner to have no admin or mods.
here there is only one admin-> sethioz and 2 mods.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: How Can I Save My 123flash chat site from being hacked?

Post by Sethioz »

next time you should include such important facts. now it might seem that it might not be exploit after all. if there are so many admins, it's obvious that one of them is screwing you over or one of them might use simple password or might be infected with keylogger and so on.
this is why its bad idea to have more than 1 admin and even worse idea is to leave out details.
this topic is going offtopic too much, for example why say "my chat" if it isn't even yours, when you said it's yours, i tought you have full control over chat and files.

anyway as i said, you can't do anything if you can't even modify files or have access to any logs and can't see how its done.
King-Of_NaRnIA
Newbie..
Newbie..
Posts: 8
Joined: Mon Nov 28, 2011 2:47 am

Re: How Can I Save My 123flash chat site from being hacked?

Post by King-Of_NaRnIA »

so far we were good 1 week and it's just started again...just lost 5-10 admins including me....sethioz, i never did this stuff before so i don't understand even the basics...the link u attached, half of the topic got over the head of mine...need guidance from the very basic level... :-(
Post Reply