Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
Advanced Poll Hack  XML
Forum Index » Support Forum
Author Message
[Post New]16/11/2006 14:42:15
    Subject: Advanced Poll Hack
[Up]
larryParry
Newbie

Joined: 16/11/2006 14:40:07
Messages: 4
Location: Sheffield, England
Offline
We run Advanced Poll and twice in two weeks we have had the poll destroyed by a hacker. S/he has corrupted all the data, removed the log file and destroyed the info - although all other files seem in tact. Is there anything that can be done to stop this - or do we have to look for something else? Thanks
[Post New]16/11/2006 15:16:35
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
What version are you using? Are you sure they haven't managed to get hold of your username and password? Also are you using the database version or the textfile version?
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]19/11/2006 18:55:54
    Subject:
[Up]
larryParry
Newbie

Joined: 16/11/2006 14:40:07
Messages: 4
Location: Sheffield, England
Offline
Carbonize wrote:What version are you using? Are you sure they haven't managed to get hold of your username and password? Also are you using the database version or the textfile version?

Dunno about getting our info - how would anyone do that? We are using db version and v2.04 (PHP)
Cheers
[Post New]19/11/2006 19:02:21
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
Well when you say removed the log file which log are you refering to? Also you might want to update to the latest version of Advanced Poll. As to getting yur info they could of brute forced it or possibly infected your computer with a keylogger but I doubt this.

You say they corrupted all data. Care to elaborate?
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]19/11/2006 19:08:41
    Subject:
[Up]
larryParry
Newbie

Joined: 16/11/2006 14:40:07
Messages: 4
Location: Sheffield, England
Offline
Carbonize wrote:Well when you say removed the log file which log are you refering to? Also you might want to update to the latest version of Advanced Poll. As to getting yur info they could of brute forced it or possibly infected your computer with a keylogger but I doubt this.

You say they corrupted all data. Care to elaborate?

Cheers for your help, by the way.
We were logging IPs and the whole log disappeared. Also, the Poll was re-set to have been running since 1970, and the options had been changed from 25 to 190 and in our Admin Menu, the poll was locked and all stats gone... Does sound like someone got in, doesn't it? We have, of course, changed the password. (You can see the Poll at www.radio2XS.com - there's a link on the front page to vote.
[Post New]19/11/2006 19:15:21
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
You were logging IPs or you had the script logging IPs?

Does sound like someone gained access but if there was an exploit in the script it would of been wider abused by now. As I said update to 2.0.7 and keep your fingers crossed. If it happens again I will tell you how to make the admin even more secure.
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
[Post New]19/11/2006 22:49:57
    Subject:
[Up]
larryParry
Newbie

Joined: 16/11/2006 14:40:07
Messages: 4
Location: Sheffield, England
Offline
OK, we've upgraded to the new version. Thanks for the help.
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum