Hacked and need to reset password

Advanced guestbook 2.2

Got hacked and top of guestbook was black with a message saying they had control. Managed to get into mysql data base and removed the message causing the problem

HTML was disabled but they still managed to hack it.

Also my password no longer works. I am pretty sure I am using correct name and password but no go.

What can I do to get this corrected? First i need to get in and find out what my username is and the password, then i need to know how to stop the hackers from exploiting again.

And you didn't bother to read the second and third sticky's of this forum because?

Carbonize wrote:And you didn't bother to read the second and third sticky's of this forum because?

Basic human nature - we only read directions if all else fails - isn't it great? LOL

On top of that he or she didnt even bother to leave a link to the Guestbook.

Sorry I should have gone back to the sticky's but after friggin around for several hours trying to use phpadmin to get into the database and look for and remove the entries, then trying every password i could think of I just fired of a msg looking for help. Now that I have reset the password I will spend more time looking at the security side and comparing this guestbook with others.

JTD

On top of that he or she didnt even bother to leave a link to the Guestbook

Why would I? the first thing I did was make it inaccessible by changing the name as I would think most should do until they fix the problem.

Anyone out there tried Xeobook. I was told by my host that this guestbook was pretty secure against hackers.

P.S. Admin How long does it take for the email to be sent after registering?
I filled form out earlier this evening and still haven't a reply.

Don't know as it's not my site and I joined a long time ago. Advanced Guestbook, like any script, is only secure if it kept upto date. Unfortunately Advanced Guestbook is over 2 years old. I have just put the finishing touches to a beta version of Advanced Guestbook 2.3.2 which I was hoping JTD would test for me but he doesn't answer his friggin emails. Advanced Guestbook 2.3.1 is very secure, I have been running it for 2 years without incident except for spam which I have dealt with and help others deal with.

I was reading tonight that phpbb.com (developers of the message board we are using here and now) was hacked via AWStats vulnerability - Let's face it - everything and everyone is vulnerable at some point - we're only able to plug holes as they become obvious and in the meantime its on a wing and a prayer....

Carbonize wrote:Don't know as it's not my site and I joined a long time ago. Advanced Guestbook, like any script, is only secure if it kept upto date. Unfortunately Advanced Guestbook is over 2 years old. I have just put the finishing touches to a beta version of Advanced Guestbook 2.3.2 which I was hoping JTD would test for me but he doesn't answer his friggin emails. Advanced Guestbook 2.3.1 is very secure, I have been running it for 2 years without incident except for spam which I have dealt with and help others deal with.

Right now JTD has enough problems with his host *AGAIN* To even consider trying to get something new to run. Besides that you didnt send a download link.

Just a quick add-on about the beta gb.

I'll be be able to test it next week when i'm back home.

Yay a willing victim. My new installer works fine I'm just adding some error checking to prevent it saying successful when it's not.