How the heck could this happen?
I checked a very important document folder I had that had irriplaceable NASA documents and I see this:
http://www.moonport.org/documents/
All the documents have been deleted and this spam index appears.
I left it online as evidence for possible legal action againsed the owner of this domain. I have contacted the service provider for this domain and filed a complaint. But the bottom line is how the hell could this have happened? Many documents were lost by this vandal!
Is this a security issue with Hostony or something???? I'm not too happy now.
Full Version: Vandelism to my site
I see my files are being restored as I type this. (I checked and noticed the files coming back as I hit refresh.) 
Thanks guys!
Thanks guys!
The problem has been solved.
There is no secure problem from our side.
You can check http://www.moonport.org/documents/ now.
There is no secure problem from our side.
You can check http://www.moonport.org/documents/ now.
QUOTE(ser_pros @ May 6 2005, 02:53 AM)
The problem has been solved.
There is no secure problem from our side.
You can check http://www.moonport.org/documents/ now.
There is no secure problem from our side.
You can check http://www.moonport.org/documents/ now.
I just checked and noticed that my files were being restored. Thats a record for service. Not even 5 minutes after saving the message here.
Someone must have guessed my password. But I think it may be the fact that there is no index file in this folder. I'm gonna fix that really fast.
Thanks again guys.
Your welcome. 
jim:
you need to get a index file in there if you dont want those documents to be listed as they are..
heres one for ya:
you can paste that into a txt file and save it as index.php, or default.php, however you are set up..
or you can use this:
and save that as .htm or .html, instead of php.
not trying to tell ya what to do with your webpage, just mentioning this as you had mentioned you didnt have a default page in there, and i checked out your link, and there is still not one there.
now if you want to get fancy with it, and have a page for people to download the files from ya and not have open access to your directory, you can use this:
paste that into a txt file and save it as index.php.
what that file will do is the same as the file downloader that i use on my site here:
http://files.nbkillas.net/misc/
of course you can change the text in the php file to your liking, and i edited it as if your logo.jpg from your front page is copied into the documents directory, which will need to be done if you use this as it is..
the size of the list box is set to account for all your files you want to share plus 1, so there is a space at the bottom of the list.
i counted 16 documents so i set the size to 17.
this is a very easy to use page, and anyone who wants it feel free to grab it and use it to your hearts content, and if you have any questions, feel free to pm me thru here or email me at wh0r3@nbkillas.net
you need to get a index file in there if you dont want those documents to be listed as they are..
heres one for ya:
CODE
<?php
//
// Blank HTML Page
//
?>
<html>
<head>
<title>No index browsing, please...</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
</body>
</html>
//
// Blank HTML Page
//
?>
<html>
<head>
<title>No index browsing, please...</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
</body>
</html>
you can paste that into a txt file and save it as index.php, or default.php, however you are set up..
or you can use this:
CODE
<html>
<head>
<title>No index browsing, please...</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
</body>
</html>
<head>
<title>No index browsing, please...</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
</body>
</html>
and save that as .htm or .html, instead of php.
not trying to tell ya what to do with your webpage, just mentioning this as you had mentioned you didnt have a default page in there, and i checked out your link, and there is still not one there.
now if you want to get fancy with it, and have a page for people to download the files from ya and not have open access to your directory, you can use this:
CODE
<?/* Place this script in the directory you want to enable file downloads from. */
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
<HTML>
<HEAD>
<TITLE>Moonport Document Snatcher</TITLE>
</HEAD>
<BODY BGCOLOR="BLACK">
<img src="top.jpg"><Center><FONT SIZE="6" COLOR="#66FF00">Moonport Document Snatcher</FONT>
<P><FONT SIZE="4" COLOR="#00FFFF"><B>File List</B></p>
<form>
<p>
<Font color="#00FFFF">Choose a File:</Font>
<form>
<select name="<?php echo "$name";?>" align= "middle" size=17>
<? for ($i = 0; $i < count($d1); $i++) { echo("<option value=$d1[$i]>$d1[$i]</option>\n"); } ?></Select>
</form>
<Button onclick="window.open('<?php echo "$path";?>'+document.all.directory.value)">CLICK HERE to GRAB IT!</BUTTON>
</form>
<P><FONT SIZE="3" COLOR="yellow"><B>© moonport.org 2005</B></p>
</BODY>
</HTML>
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
<HTML>
<HEAD>
<TITLE>Moonport Document Snatcher</TITLE>
</HEAD>
<BODY BGCOLOR="BLACK">
<img src="top.jpg"><Center><FONT SIZE="6" COLOR="#66FF00">Moonport Document Snatcher</FONT>
<P><FONT SIZE="4" COLOR="#00FFFF"><B>File List</B></p>
<form>
<p>
<Font color="#00FFFF">Choose a File:</Font>
<form>
<select name="<?php echo "$name";?>" align= "middle" size=17>
<? for ($i = 0; $i < count($d1); $i++) { echo("<option value=$d1[$i]>$d1[$i]</option>\n"); } ?></Select>
</form>
<Button onclick="window.open('<?php echo "$path";?>'+document.all.directory.value)">CLICK HERE to GRAB IT!</BUTTON>
</form>
<P><FONT SIZE="3" COLOR="yellow"><B>© moonport.org 2005</B></p>
</BODY>
</HTML>
paste that into a txt file and save it as index.php.
what that file will do is the same as the file downloader that i use on my site here:
http://files.nbkillas.net/misc/
of course you can change the text in the php file to your liking, and i edited it as if your logo.jpg from your front page is copied into the documents directory, which will need to be done if you use this as it is..
the size of the list box is set to account for all your files you want to share plus 1, so there is a space at the bottom of the list.
i counted 16 documents so i set the size to 17.
this is a very easy to use page, and anyone who wants it feel free to grab it and use it to your hearts content, and if you have any questions, feel free to pm me thru here or email me at wh0r3@nbkillas.net
hey jim i just noticed something:
whoever put that index file into your directory must be a "junior hacker" after all, he used frontpage to code his html for him..
lol
whoever put that index file into your directory must be a "junior hacker" after all, he used frontpage to code his html for him..
lol
QUOTE(wh0r3 @ May 6 2005, 11:27 AM)
jim:
you need to get a index file in there if you dont want those documents to be listed as they are..
heres one for ya:
<code clipped>
paste that into a txt file and save it as index.php.
what that file will do is the same as the file downloader that i use on my site here:
http://files.nbkillas.net/misc/
of course you can change the text in the php file to your liking, and i edited it as if your logo.jpg from your front page is copied into the documents directory, which will need to be done if you use this as it is..
the size of the list box is set to account for all your files you want to share plus 1, so there is a space at the bottom of the list.
i counted 16 documents so i set the size to 17.
this is a very easy to use page, and anyone who wants it feel free to grab it and use it to your hearts content, and if you have any questions, feel free to pm me thru here or email me at wh0r3@nbkillas.net
you need to get a index file in there if you dont want those documents to be listed as they are..
heres one for ya:
<code clipped>
paste that into a txt file and save it as index.php.
what that file will do is the same as the file downloader that i use on my site here:
http://files.nbkillas.net/misc/
of course you can change the text in the php file to your liking, and i edited it as if your logo.jpg from your front page is copied into the documents directory, which will need to be done if you use this as it is..
the size of the list box is set to account for all your files you want to share plus 1, so there is a space at the bottom of the list.
i counted 16 documents so i set the size to 17.
this is a very easy to use page, and anyone who wants it feel free to grab it and use it to your hearts content, and if you have any questions, feel free to pm me thru here or email me at wh0r3@nbkillas.net
Dude, this is NICE! I was out of town the past few days and just saw this reply, hense my lack of response. I finally got around to it and gave it a whirl. This is much better than just displaying a boring default directory. Thanks!
your welcome
one thing i would do tho, is to look at the code you have at the beginning of your php page, and you need to add in a reference so that people do not see or have access to your .htaccess file:
thats how it is now, and this will show you what to add:
making those changes (look for the additions i put in there that reference $accessfile) will remove the .htaccess from the list of downloadable files.
hope that is understandable for ya!
one thing i would do tho, is to look at the code you have at the beginning of your php page, and you need to add in a reference so that people do not see or have access to your .htaccess file:
CODE
<?/* Place this script in the directory you want to enable file downloads from. */
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
thats how it is now, and this will show you what to add:
CODE
<?/* Place this script in the directory you want to enable file downloads from. */
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$accessfile=".htaccess";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $accessfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
/* Change $phpfile to the name of this php script to filter it out. */
/* Change $logofile to the name of your logo image to filter it out. */
/* The $name is the name given to the combo box. Default is fine, shouldn't need to change */
$path="./";
$name="directory";
$phpfile="index.php";
$accessfile=".htaccess";
$logofile="top.jpg";
$d1=array();
$nd1=0;
$handle=opendir($path);
while ($file = readdir($handle)) {
if (($file != ".") && ($file != "..") && ($file != $phpfile) && ($file != $accessfile) && ($file != $logofile)) {
$d1[$nd1++]="$file";
}
}
sort($d1);
closedir($handle);
?>
making those changes (look for the additions i put in there that reference $accessfile) will remove the .htaccess from the list of downloadable files.
hope that is understandable for ya!
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.