If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Hacked - can´t delete message  XML
Forum Index » Support Forum
Author Message
Anonymous



My guestbook has been hacked. From admin I am not able to edit or delete the hacked message, because the hacker has removed both "edit" and "delete".
Anonymous



You can delete the the post using phpmyadmin then upgrade to latest version 2.3.1
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

If you do not have phpMyAdmin then email me the url along with the username and password for the guestbook and I will delete it. Once I delete it you will need to apply the exploit fix I've posted in several places to prevent it happening again.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
39 Reasons
Beginner

Joined: 23/06/2004 10:08:41
Messages: 10
Location: Los Angeles, CA
Offline

I had the same problem a couple of days ago and everyone was SO helpful!!! I do have phpMyAdmin so I was able to delete the message that way. But I got this info from Trevor after I e-mailed him for help!

Some hackers are trying to get clever by removing the delete links to their offending messgaes, or in your case, having an image so big you can't see anything else. If it ever happens again there's an easy way round it...

Add a new entry to the guestbook
Log in and access the admin panel
Go to the entry you've just added
Point mouse to delete button for new entry, right click, copy shortcut
Paste shortcut into address bar, it'll look something like this...
http://www.yoursite.com/guestbook/admin.php?action=del&tbl=gb&id=123&session=d40f55d2856a686e0f6f8766ba701bb1&uid=1
Reduce the highlighted number by 1 (if the offending entry was 5 entries prior to the one you've just added you'd reduce the number by 5 etc).
Hit enter (or click 'go') and it'll delete the offending entry.

No excuses.... just 39 Reasons
www.39reasons.com
[WWW] aim icon
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Or you could just use the Tab key to go through the links. The url of the link will be displayed in the status bar. Personally I use Firefox web browser by Mozilla which as "find as you type" so I just type in delete and it selects the first instance of delete in the page which is usually the delete link.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Frank&chico
Newbie

Joined: 28/10/2004 07:15:45
Messages: 3
Location: Norway
Offline

I fixed my guestbook after yeasterday´s hacking, but now we have been hacked again. When I tried to access the guestbook, this page showed up:

#rsy - irc.gigachat.net - olinuxbrasil@bol.com.br

I then restored yeasterday`s backup, after the fix, and now I got this error message:

Warning: mysql_connect(): Access denied for user: 'root@localhost' (Using password: NO) in /home/hhkas/public_html/guestbook/lib/mysql.class.php on line 30
Connection Error
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Check the SQL settiings in admin/conifg.inc.php

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
Frank&chico
Newbie

Joined: 28/10/2004 07:15:45
Messages: 3
Location: Norway
Offline

I deletet the complete guestbook (all files and folders) and installed the version 2.3.1 from ground, which means that my guestbook is empty. Can I restore the backup of the database-file taken from the hacked guestbook or is this db-file hacked too?
Anonymous



You can restore the backup of your database. If it was made after the hack the hack will still be there.
Frank&chico
Newbie

Joined: 28/10/2004 07:15:45
Messages: 3
Location: Norway
Offline

The backup unfortunately was made after the hack.

Thanks for help everybody! I have learned a lot from this. This forum works much better and faster than the paid support from my web host provider.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

I'm guessing the backup is a file which you then use to insert the data back into the tables. You could delete the entry from the file before restoring it.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum