
db_mysql.php being used to hack my site/database.


  • #16
    It seems unlikely that you'd get hacked through a one-off script. But, meanwhile, I don't see where you're doing any validation of name or comment before passing it into the mysql engine. Do you?


    • #17
      I deleted the script off of my server, and I don't really need it, so I'm not going to bother to check for its security holes. Though if someone could point one out that could possibly be the reason for this to happen, I'd be happy.


      • #18
        How does your host know that the server is "secure"?


        • #19
          All installations are up-to-date, all security patches are installed, and extra measures have been taken to keep the server secure.


          • #20
            Doesn't mean the user hasn't accessed the server via the root account through SSH or some other means of gaining access to the server; for all you know it could be a malicious user on the server already.


            • #21
              A server is only as secure as the passwords of all the accounts on that server.
              Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)


              • #22
                Then that means that the server is secure. All passwords that could give anyone access to the server were unique, alpha-numeric 10+ digit passwords.


                • #23
                  You could check if your dirs are properly chmodded to prevent the user from reading/writing/executing through the browser.
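
The permission check suggested in post #23, as an added example that is not part of the original thread: a shell audit that lists world-writable directories and files under a web root, plus PHP scripts that can be replaced because their directory is world-writable. The function names and the web root path passed on the command line are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): permission audit for a web root.

# Directories any local account can write to (o+w bit set).
world_writable_dirs() {
    find "$1" -type d -perm -0002 -print 2>/dev/null | sort
}

# Regular files any local account can overwrite.
world_writable_files() {
    find "$1" -type f -perm -0002 -print 2>/dev/null | sort
}

# PHP scripts directly inside a world-writable directory: even when the
# script itself is read-only, anyone who can write to the directory can
# delete it and put another file in its place.
replaceable_scripts() {
    world_writable_dirs "$1" | while IFS= read -r dir; do
        find "$dir" -maxdepth 1 -type f -name '*.php' -print
    done | sort -u
}

# Print one tagged line per finding; return 1 if anything was found.
audit_webroot() {
    report=$(
        world_writable_dirs "$1"  | sed 's/^/DIR    /'
        world_writable_files "$1" | sed 's/^/FILE   /'
        replaceable_scripts "$1"  | sed 's/^/SCRIPT /'
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Usage: sh audit.sh /path/to/webroot   (hypothetical script name and path)
if [ "$#" -gt 0 ]; then
    audit_webroot "$1"
fi
```

A clean run prints nothing and exits 0, so the script can be scheduled and alert only when a finding appears.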


                  • #24
                    Good idea. Thanks, floris


                    • #25
                      Yes, but do you use this to log in to FTP or check your email?

                      If you are not using secure email authentication and secure FTP settings, your password is being sent as plaintext.


                      • #26
                        Originally posted by Steve Machol
                        BTW I get a 'forbidden' error when trying to access your site:

                        http://vgchat.com/
                        Yep. I tried everything. That, disable SSH, and FTP, with telnet already being disabled, and they STILL edited the site!!! I know that on my server they got root access somehow because TWICE they deleted the domain off my server, and they edited the config file for the domain after I edited it once to redirect to Hyper's site.

                        Now I did a system restore and they haven't touched it since. Now my trouble is getting MySQL to accept the MySQL password! Right now I'm downgraded to WWWBoard.