If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
My guestbook has been hacked  XML
Forum Index » Support Forum
Author Message
Anonymous



HI
My guestbook has been hacked can somebuddy help me to fix it.

I can still log in with my passw., but can not delete the entry and in myphpadmin i can not find the last message.

http://www.freeadam.com/guestbook/index.php
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Ok thats weird you're the third person who's been hacked and for whom the known exploit doesn't work.

Anyway in phpMyAdmin click on book_data in left hand pane.
Click Browse in right hand pane.
Click the button marked >> to jump to last entries then look for the one with the name Mike Speed & Janey Jane and delete it.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Anonymous



Thanks Carbonize

The geustbook work again

Thanks again
amber222
Graduate

Joined: 07/05/2004 21:13:07
Messages: 586
Offline

HTML code is enabled

:o
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

yes but it only allows specific HTML tags. Or maybe not. Now I think about it I'm not sure. Will look into it.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Anonymous



hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.
afther remove is not more possible.
Anonymous



benny wrote:hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.

Iam try to browser the book_auth but is not possible to browser all the others book_ is possible. whats the next step ?
afther remove is not more possible.
Anonymous



benny wrote:
benny wrote:hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.
afther remove is not more possible

Iam try to browser the book_auth but is not possible to browser all the others book_ is possible. whats the next step ?
.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Repeating yourself over and over will not get you helped any faster. If anything it's more likely to get your questions ignored.

I have editted the install.php file to reset the username and password. Not tested it yet so use it at your own risk. Simply download www.carbonize.co.uk/reset.zip and extract the file called reset.php. Upload reset.php to your guestbook folder and then visit it in your web browser.

ONCE DONE YOU MUST DELETE THIS FILE!!

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Anonymous



Parse error: parse error, unexpected '{' in /home/websites/sitename.com/www/guestbook/reset.php on line 46

this is what happend when i run the reset.php
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Oh these things are sent to make me better lol. I'll fix it.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

I made a small booboo which should be fixed now. Redownload it and try again.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Anonymous



Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/websites/.com/www/guestbook/reset.php on line 48

Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

rewriting a huge chuck of it as we speak.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Anonymous



if u want the login detail i can send it right now fore u
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum