https://proxy2.de/forum/posts/list/3.php JForum - http://www.jforum.net
Today the guestbook (version 2.2) on a very popular site in NL ha sbeen kind of hacked.

Someone was able to remove the top of the page (the logo part) and include a racial text...!

Several people have been on the phone!

We have removed it but want to make sure this NEVER happens again...

Thanks! (perhaps a chmod on a file?)

I'll wait here for your answer...

Thanks]]> https://proxy2.de/forum/posts/preList/3035/8036.php https://proxy2.de/forum/posts/preList/3035/8036.php GMT Maybe the server has a leak.
You could also upgrade to version 2.3.1]]> https://proxy2.de/forum/posts/preList/3035/8037.php https://proxy2.de/forum/posts/preList/3035/8037.php GMT
We're currently checking the server logs. The file has probably been uploaded together with a comment. Not a server leak...a script leak.

I can't find the release notes of the latest version. What garuantees does this new version has?

Thanks!]]> https://proxy2.de/forum/posts/preList/3035/8038.php https://proxy2.de/forum/posts/preList/3035/8038.php GMT I don't know wich bugs, but it might be better then the version you now use.
version 2.3.0 had a bug in the admin section and 2.3.1 fixed that.

But it sounds if version 2.2 has a SQL Injection Exploit bug, this is common to bad coding in php scripts.

Do you have a link to your guestbook?]]> https://proxy2.de/forum/posts/preList/3035/8039.php https://proxy2.de/forum/posts/preList/3035/8039.php GMT
try this : http://gastenboek.leidapieters.nl/

Thanks!]]> https://proxy2.de/forum/posts/preList/3035/8040.php https://proxy2.de/forum/posts/preList/3035/8040.php GMT
So I suggest you upgrade to the latest version.]]> https://proxy2.de/forum/posts/preList/3035/8041.php https://proxy2.de/forum/posts/preList/3035/8041.php GMT https://proxy2.de/forum/posts/preList/3035/8045.php https://proxy2.de/forum/posts/preList/3035/8045.php GMT
It was in the guestbook of our dutch Atlantikwall Museum website. Also a racial text in the header and the language was put to Polish together with some other strange adjustments...

Is it possible this was a hack only against the advanced guestbook? And how did the hacker now were to find the guestbooks?

My biggest problem is now after I fixed al the changes (and everything was working like it should) I logged out of the admin.php and the whole guestbook doesn't seem to work anymore....

Are there more people with the same problem? and just to be shure, can I save al the messages that were submitted when it worked?

If you want to see that it doens't work go here http://www.atlantikwall-museum.nl/gastenboek/admin.php or /index2.php or /addentry.php]]> https://proxy2.de/forum/posts/preList/3035/8068.php https://proxy2.de/forum/posts/preList/3035/8068.php GMT
I really hope someone can help, the guestbook is a important page on our website.

thank you!

Peter]]> https://proxy2.de/forum/posts/preList/3035/8069.php https://proxy2.de/forum/posts/preList/3035/8069.php GMT
As you can see I have a lot of questions

I just don't understand why someone would hack the guestbook of a respectfull museum...

Hoping for a reply and thanks!

Peter]]> https://proxy2.de/forum/posts/preList/3035/8070.php https://proxy2.de/forum/posts/preList/3035/8070.php GMT
All your mesagges will be spared only the layout of the guestbook will be back to default.

You will have to use PHPMYADMIN or something similar. Phpmyadmin is what most web server hosts use for their clients to access the database.

Replace all files (with the original guestbook 2.3.1) and update your database with the SQL file.

[code]# MySQL dump 8.16
#
# Host: localhost Database: gb23
#--------------------------------------------------------
# Server version 3.23.42

#
# Table structure for table 'book_pics'
#

CREATE TABLE book_pics (
msg_id int(11) NOT NULL default '0',
book_id int(11) NOT NULL default '0',
p_filename varchar(100) NOT NULL default '',
p_size int(11) unsigned NOT NULL default '0',
width int(11) unsigned NOT NULL default '0',
height int(11) unsigned NOT NULL default '0',
KEY msg_id (msg_id),
KEY book_id (book_id)
) TYPE=MyISAM;

ALTER TABLE `book_config` ADD `thumbnail` SMALLINT(1) NOT NULL, ADD `thumb_min_fsize` INT(10) NOT NULL; [/code]]]> https://proxy2.de/forum/posts/preList/3035/8074.php https://proxy2.de/forum/posts/preList/3035/8074.php GMT
Thanks for the quick reaction!

Still one problem. I get the following error when trying to updat the SQL

[list]Error

SQL-query :

CREATE DATABASE /*!32312 IF NOT EXISTS*/gb22

MySQL said:


#1044 - Access denied for user: 'atlantik@localhost' to database 'gb22'

[/list]

I've never done this before so maybe i am doing something wrong... I accessed the server using phpmyadmin, chose the database for the guestbook, clicked on SQL, located the SQL file (guestbook.sql) and clicked GO... I also tried to put in the code manually but that came out with the same error..

I hope you can come up with the sulution!

Thanks,

Peter]]> https://proxy2.de/forum/posts/preList/3035/8076.php https://proxy2.de/forum/posts/preList/3035/8076.php GMT
Ive also tried the code you placed for me, and the update code, but the book still didn't work]]> https://proxy2.de/forum/posts/preList/3035/8077.php https://proxy2.de/forum/posts/preList/3035/8077.php GMT
[b]Access denied for user:[/b] 'atlantik@localhost' to database 'gb22']]> https://proxy2.de/forum/posts/preList/3035/8081.php https://proxy2.de/forum/posts/preList/3035/8081.php GMT I am also not shure of how far my permissions go.. Im just a simple webmaster

When i used the update version later, it was succesfull.

But unfortunately the guestbook still isn't working. Ill try again tommorow otherwise i think will reinstall the whole program.

It's saternight so time for something else...

Nog ff in het Nederlands, bedankt voor het helpen dusver! Mocht je me nog gaan redden met het gastenboek, biertje?]]> https://proxy2.de/forum/posts/preList/3035/8085.php https://proxy2.de/forum/posts/preList/3035/8085.php GMT
I'm looking into upgrading, now.]]> https://proxy2.de/forum/posts/preList/3035/8086.php https://proxy2.de/forum/posts/preList/3035/8086.php GMT
I looked at your guestbook and I see they have damaged some of the files.



Ik stuur je een mailtje waar je me rechtstreeks kunt bereiken via de site.]]> https://proxy2.de/forum/posts/preList/3035/8087.php https://proxy2.de/forum/posts/preList/3035/8087.php GMT
Do you know what is wrong?]]> https://proxy2.de/forum/posts/preList/3035/8088.php https://proxy2.de/forum/posts/preList/3035/8088.php GMT ]]> https://proxy2.de/forum/posts/preList/3035/8089.php https://proxy2.de/forum/posts/preList/3035/8089.php GMT [/quote]

Huh?]]> https://proxy2.de/forum/posts/preList/3035/8091.php https://proxy2.de/forum/posts/preList/3035/8091.php GMT Normally I always post as Jam’n or Jam_n, but sometimes I just forget to login,]]> https://proxy2.de/forum/posts/preList/3035/8092.php https://proxy2.de/forum/posts/preList/3035/8092.php GMT
I found my fix here: http://proxy2.de/forum/viewtopic.php?t=1981&start=17

Barney]]> https://proxy2.de/forum/posts/preList/3035/8093.php https://proxy2.de/forum/posts/preList/3035/8093.php GMT
$GB_PG["base_url"] = ""; /* e.g htpp://www.yourdomain.com/guestbook/ */
instead of /* e.g htpp://www.yourdomain.com/guestbook/img */]]> https://proxy2.de/forum/posts/preList/3035/8159.php https://proxy2.de/forum/posts/preList/3035/8159.php GMT
It would be great, If we can restore old records.

By the way, is there any change in the tables ?

if one of you mark the changes .]]> https://proxy2.de/forum/posts/preList/3035/8160.php https://proxy2.de/forum/posts/preList/3035/8160.php GMT