Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
My guestbook has been hacked  XML
Forum Index » Support Forum
Author Message
[Post New]29/10/2004 13:05:00
    Subject: My guestbook has been hacked
[Up]
Anonymous



HI
My guestbook has been hacked can somebuddy help me to fix it.

I can still log in with my passw., but can not delete the entry and in myphpadmin i can not find the last message.

http://www.freeadam.com/guestbook/index.php
[Post New]29/10/2004 14:14:27
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
Ok thats weird you're the third person who's been hacked and for whom the known exploit doesn't work.

Anyway in phpMyAdmin click on book_data in left hand pane.
Click Browse in right hand pane.
Click the button marked >> to jump to last entries then look for the one with the name Mike Speed & Janey Jane and delete it.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]29/10/2004 14:46:14
    Subject:
[Up]
Anonymous



Thanks Carbonize

The geustbook work again

Thanks again
[Post New]31/10/2004 12:47:31
    Subject:
[Up]
amber222
Graduate

Joined: 07/05/2004 21:13:07
Messages: 586
Offline
HTML code is enabled

:o
[Post New]31/10/2004 16:37:35
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
yes but it only allows specific HTML tags. Or maybe not. Now I think about it I'm not sure. Will look into it.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]01/11/2004 13:06:13
    Subject:
[Up]
Anonymous



hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.
afther remove is not more possible.
[Post New]01/11/2004 13:45:34
    Subject: book_auth
[Up]
Anonymous



benny wrote:hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.

Iam try to browser the book_auth but is not possible to browser all the others book_ is possible. whats the next step ?
afther remove is not more possible.
[Post New]01/11/2004 13:46:45
    Subject: Re: book_auth
[Up]
Anonymous



benny wrote:
benny wrote:hi now i can not log in to my admin page
have to change that to
was thingking everything was oke before i remove the entry.
it was possible to login.
afther remove is not more possible

Iam try to browser the book_auth but is not possible to browser all the others book_ is possible. whats the next step ?
.
[Post New]01/11/2004 14:55:07
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
Repeating yourself over and over will not get you helped any faster. If anything it's more likely to get your questions ignored.

I have editted the install.php file to reset the username and password. Not tested it yet so use it at your own risk. Simply download www.carbonize.co.uk/reset.zip and extract the file called reset.php. Upload reset.php to your guestbook folder and then visit it in your web browser.

ONCE DONE YOU MUST DELETE THIS FILE!!
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]01/11/2004 15:18:27
    Subject:
[Up]
Anonymous



Parse error: parse error, unexpected '{' in /home/websites/sitename.com/www/guestbook/reset.php on line 46

this is what happend when i run the reset.php
[Post New]01/11/2004 18:14:40
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
Oh these things are sent to make me better lol. I'll fix it.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]01/11/2004 18:17:32
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
I made a small booboo which should be fixed now. Redownload it and try again.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]01/11/2004 19:24:22
    Subject:
[Up]
Anonymous



Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/websites/.com/www/guestbook/reset.php on line 48

[Post New]01/11/2004 19:47:25
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
rewriting a huge chuck of it as we speak.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]01/11/2004 19:55:27
    Subject:
[Up]
Anonymous



if u want the login detail i can send it right now fore u
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum