I'm posting this in the MySQL forums, because my guess is the cause of this lies in MySQL security, but perhaps you all can direct me to another cause.

For the past several months, my site keeps getting hacked. I originally had an old phpBB forum on it. I completely removed it out of fear this was the cause. More recently, my host suspended my account saying that the MySQL server was being overloaded (impossible with my small userbase). At this time, I had the latest version of phpBB. I totally removed it too out of fear this was the root.

But today I'm hacked again! I know exactly what happens when I'm hacked: I get iframes put into my HTML code linking to a known malware site, ffshrie.

Now, how could someone possibly be changing my PHP files? Wouldn't they have to have FTP access? I have changed my password many times. Could this be done through MySQL somehow?

Any help is appreciated!

https://forums.phpfreaks.com/topic/142752-help-i-keep-getting-hacked/

Can you determine if in fact any of the PHP files themselves get modified, or any of the templates (any physical files)?

Or are the malicious inserts in the MySQL database? I would assume the latter.

I would believe somewhere in the code is an output of MySQL data content without htmlentities, where someone could potentially post JavaScript tags. Disable any HTML settings for posts on the BBs.

There are two forms of MySQL attacks I know are common:

[1]. MySQL Injection

Whereby users can insert malicious MySQL commands directly into unsecure MySQL queries.

[2]. CSS (Cross Site Scripting)

This is a form of CSS, where the user inputs JavaScript into a MySQL table, e.g. in his name; his name could contain the JavaScript code for an iframe or worse.

--

There are plenty of "PHP Security" tutorials available on the internet, e.g.:

http://www.phpfreaks.com/tutorial/php-security/page2

======

Other than that I would move host entirely, check for trojans on your PC (like key-loggers) and see if you still get hacked; it's not impossible for hosting companies to lose private data.
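
Added example, not part of the original posts: a small Python triage script for the first question in the reply above, whether the injected iframes sit in physical files. It walks a web root, flags `<iframe>` tags whose `src` points at a host outside an allowlist, and lists affected files newest-modified first. The function names, the extension list and the `malware.example` sample are assumptions made for illustration.

```python
import os
import re
import sys
import tempfile
import time
from urllib.parse import urlparse

# Captures the src of an <iframe> tag, whether quoted or bare.
IFRAME_SRC = re.compile(
    r"""<iframe\b[^>]*?\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""", re.IGNORECASE)
SCAN_EXTENSIONS = (".php", ".html", ".htm", ".tpl", ".inc", ".js")
# Constructed sample of an injected page; malware.example is a placeholder host.
SAMPLE = '<?php echo "hello"; ?>\n<iframe src="http://malware.example/x" width=0></iframe>\n'


def external_iframes(text, allowed_hosts=frozenset()):
    """Return the src of every iframe pointing at a host not in allowed_hosts."""
    hits = []
    for match in IFRAME_SRC.finditer(text):
        src = next(g for g in match.groups() if g is not None)
        host = (urlparse(src).hostname or "").lower()  # None for relative URLs
        if host and host not in allowed_hosts:
            hits.append(src)
    return hits


def scan_webroot(root, allowed_hosts=frozenset()):
    """Return (path, mtime, hits) per affected file, newest modification first."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(SCAN_EXTENSIONS):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits = external_iframes(fh.read(), allowed_hosts)
            if hits:
                findings.append((path, os.path.getmtime(path), hits))
    return sorted(findings, key=lambda f: f[1], reverse=True)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else tempfile.mkdtemp()
    if len(sys.argv) == 1:  # no web root given: scan the constructed sample
        with open(os.path.join(root, "index.php"), "w") as fh:
            fh.write(SAMPLE)
    for path, mtime, hits in scan_webroot(root):
        print(time.strftime("%Y-%m-%d %H:%M", time.localtime(mtime)), path, hits)
```

If the files come back clean, `external_iframes` can be run the same way over text exported from the database columns that the site prints into pages.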
