If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
My guestbook version 2.4.3 has been hacked  XML
Forum Index » Advanced Guestbook Forum
Author Message
itsnotme
Newbie

Joined: 08/01/2008 19:17:26
Messages: 3
Offline

Hello again,

i found the table book_auth.Now all i have to do,is to change the password, right?Wanted to be sure,because the pass seems to be encrypted "2e3bf74742005f64".

I think it's version 2.3.x ,i made it with your carbonize script.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

Try my reset script from www.carbonize.co.uk/AG or click the FAQ at http://lazarus.carbonize.co.uk

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
itsnotme
Newbie

Joined: 08/01/2008 19:17:26
Messages: 3
Offline

It worked.Thank you.
jalmz
Beginner

Joined: 19/06/2006 06:48:16
Messages: 25
Offline

guys try to use lazaruz guestbook by carbz
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

I doubt they got in through 2.4.3.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
mexstud
Beginner

Joined: 30/08/2007 18:37:27
Messages: 5
Offline

Go to www.yoursite.com/guestbook/misc/forget_pass

There you will be asked for the name and password of the database used by your guestbook, and after that you will be able to enter a new password.

Something I don't understand anyway, is how to block ip´s like 087206213221 or some others that use only five numbers like 345-89.pl. One of my guestbooks is being hacked by owners of those kind of ip´s and it seems not to be possible to block them to put silly things at the book. But all of them comes from .pl (poland?)
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

AG just stored the hostname which I've always thought was stupid. It was one of the first things I changed for Lazarus.

Anyway try http://whois.domaintools.com to get the ip from the hostname.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Feestgrot
Newbie

Joined: 17/01/2008 14:32:47
Messages: 1
Offline

Hello Everybody,

My guestbook (version 2.4.3.) also receives spam messages. I reinstalled the script, do not use the standard login and password and refuse html in the markup of the messages. Ofcourse this version includes the robot-check by using the image with a code that is needed before you can publish a new message.

Does anybody know how I can resolve this?

Thank you in advance.
[WWW]
karenbee
Beginner

Joined: 26/01/2008 11:11:35
Messages: 5
Offline

Hi
I have just registered as I have been hacked twice now but only have 2.4.2. I am using Dataflame as my host and I do not know very mcuh about all of this and they loaded the Guestbook onto my site in the first place. Each time they have sorted the problem but yesterday I got 6 spam entries - all the same except the name. Dataflame suggested upgrading the Guestbook, but by the look of all these entries, that will not help! Any suggestions that an amatuer could deal with?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

You have captcha enabled?

You should all be on the latest version.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
karenbee
Beginner

Joined: 26/01/2008 11:11:35
Messages: 5
Offline

I assume captcha is where you have have to copy the letters that appear in the box? This seems to be there automaticially and I can't see anywhere in my settings where it allows me to turn it on or off. Actually Dataflame have now installed the 2.4.3 version although it is not entirely working as the emoticons/ pictures are not appearing!
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

Open config.inc.php and edit the base_url.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
karenbee
Beginner

Joined: 26/01/2008 11:11:35
Messages: 5
Offline

Oh dear -I wish I knew what you meany by that! Or where to find it. Is that what captcha is then?
karenbee
Beginner

Joined: 26/01/2008 11:11:35
Messages: 5
Offline

I have found where it says captcha.php on the LHS and there is a load of code on the RHS.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4290
Location: Bristol, UK
Offline

There is a line marked

$base_url = '';

Put your guestbooks url between the '

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum