Hacked - can´t delete message

My guestbook has been hacked. From admin I am not able to edit or delete the hacked message, because the hacker has removed both "edit" and "delete".

You can delete the the post using phpmyadmin then upgrade to latest version 2.3.1

If you do not have phpMyAdmin then email me the url along with the username and password for the guestbook and I will delete it. Once I delete it you will need to apply the exploit fix I've posted in several places to prevent it happening again.

I had the same problem a couple of days ago and everyone was SO helpful!!! I do have phpMyAdmin so I was able to delete the message that way. But I got this info from Trevor after I e-mailed him for help!

Some hackers are trying to get clever by removing the delete links to their offending messgaes, or in your case, having an image so big you can't see anything else. If it ever happens again there's an easy way round it...

Add a new entry to the guestbook
Log in and access the admin panel
Go to the entry you've just added
Point mouse to delete button for new entry, right click, copy shortcut
Paste shortcut into address bar, it'll look something like this...
http://www.yoursite.com/guestbook/admin.php?action=del&tbl=gb&id=123&session=d40f55d2856a686e0f6f8766ba701bb1&uid=1
Reduce the highlighted number by 1 (if the offending entry was 5 entries prior to the one you've just added you'd reduce the number by 5 etc).
Hit enter (or click 'go') and it'll delete the offending entry.

Or you could just use the Tab key to go through the links. The url of the link will be displayed in the status bar. Personally I use Firefox web browser by Mozilla which as "find as you type" so I just type in delete and it selects the first instance of delete in the page which is usually the delete link.

I fixed my guestbook after yeasterday´s hacking, but now we have been hacked again. When I tried to access the guestbook, this page showed up:

#rsy - irc.gigachat.net - olinuxbrasil@bol.com.br

I then restored yeasterday`s backup, after the fix, and now I got this error message:

Warning: mysql_connect(): Access denied for user: 'root@localhost' (Using password: NO) in /home/hhkas/public_html/guestbook/lib/mysql.class.php on line 30
Connection Error

Check the SQL settiings in admin/conifg.inc.php

I deletet the complete guestbook (all files and folders) and installed the version 2.3.1 from ground, which means that my guestbook is empty. Can I restore the backup of the database-file taken from the hacked guestbook or is this db-file hacked too?

You can restore the backup of your database. If it was made after the hack the hack will still be there.

The backup unfortunately was made after the hack.

Thanks for help everybody! I have learned a lot from this. This forum works much better and faster than the paid support from my web host provider.

I'm guessing the backup is a file which you then use to insert the data back into the tables. You could delete the entry from the file before restoring it.